Shadows Obfuscator (with source code)

10/15/2012 17:32 spymare#181
there's something wrong with the latest version, no matter what script you obfuscate, the output says: error adding file: obfuscator_file.s92

it doesn't create an "obfuscator_file.s92" file
10/15/2012 18:50 Shadow992#182
Quote:
Originally Posted by spymare View Post
there's something wrong with the latest version, no matter what script you obfuscate, the output says: error adding file: obfuscator_file.s92

it doesn't create an "obfuscator_file.s92" file
Have a look at the directory where the obfuscator is; there should be a file created which has that name. It is a little bit complicated because it does not copy the file to the script directory. I will change this in the next version.
10/16/2012 11:57 spymare#183
ok :) yeah got it working, but would make it easier in next version ^^
10/16/2012 15:56 Shadow992#184
Quote:
Originally Posted by spymare View Post
ok :) yeah got it working, but would make it easier in next version ^^
Updated C++ Obfuscator to 1.1.1

Now it is changed and I also optimized the size of the created file.
This way your AutoIt scripts will stay smaller again.
10/17/2012 10:02 spymare#185
nice update :).

here's a little suggestion: you could make fileinstall not being encrypted. I see it's done for:
FileInstall("obfuscator_file.s92",@TempDir&"\"&$ran,1)
but maybe also for any other place where you use fileinstall :P
10/17/2012 12:43 Shadow992#186
Quote:
Originally Posted by spymare View Post
nice update :).

here's a little suggestion: you could make fileinstall not being encrypted. I see it's done for:
FileInstall("obfuscator_file.s92",@TempDir&"\"&$ran,1)
but maybe also for any other place where you use fileinstall :P
FileInstall cannot be encrypted, otherwise the file will probably not be installed. The only thing that is possible is to encrypt the 2nd param of FileInstall, but it is a bit of work to always get the second argument and only encode that. It is not even that important to encrypt that. So I think I will not change this.
10/17/2012 17:54 spymare#187
Would be nice if it didn't obfuscate variable names :P obfuscating variable names gives too many problems ^^ I don't think it's necessary to encrypt variable names :D?
10/17/2012 18:13 Shadow992#188
Quote:
Originally Posted by spymare View Post
Would be nice if it didn't obfuscate variable names :P obfuscating variable names gives too many problems ^^ I don't think it's necessary to encrypt variable names :D?
Normally there should be no problems.
Obfuscating variable names is the safest way of obfuscation because it cannot be reversed. So why not encrypt them? My program should always do nothing wrong with variables. The only thing that is still buggy is this:

Quote:
Func ($var="test")

...
endfunc
because it tries to obfuscate "test" too, but this is not allowed. I will change it soon.
10/17/2012 20:19 spymare#189
ok :) sounds good :)
10/21/2012 20:31 Shadow992#190
Quote:
Originally Posted by spymare View Post
ok :) sounds good :)
#Updated C++ Obfuscator 1.1.2

Ok that bug got solved now too.
I also added some things to make deobfuscating harder.
10/23/2012 00:33 spymare#191
looks good :) btw is it necessary that it has to use #requireadmin?
10/23/2012 17:30 Shadow992#192
Quote:
Originally Posted by spymare View Post
looks good :) btw is it necessary that it has to use #requireadmin?
Normally not, but better use it so your script will really work on all Windows versions.
10/27/2012 23:11 spymare#193
I tried to crypt my code, 2 times, then it doesn't work, obv. I tried to change some stuff, Would it be possible somehow?
10/28/2012 10:11 Shadow992#194
Quote:
Originally Posted by spymare View Post
I tried to crypt my code, 2 times, then it doesn't work, obv. I tried to change some stuff, Would it be possible somehow?
Just give me the script or show me why it did not work.
10/28/2012 11:08 spymare#195
all this script contains is:
shellexecute("notepad.exe")

I tried to encrypt it 2 times:

Quote:
Local $tCodeBuffer_Shadow_Obfus_Variable_Not_Overwrite_Pls2 = DllStructCreate("byte[128]")
Local $struct_Shadow_Obfus_Variable_Not_Overwrite_Pls = DllStructCreate("byte[4096]")
Local $tCodeBuffer_Shadow_Obfus_Variable_Not_Overwrite_Pls = DllStructCreate("byte[100]")
DllStructSetData($tCodeBuffer_Shadow_Obfus_Variable_Not_Overwrite_Pls2, 1, String("0x8B5424048B128B7C240831C0B001803A007417802A0230028B0A890F4742FEC03C08750431C0B001EBE4C3"))
DllStructSetData($tCodeBuffer_Shadow_Obfus_Variable_Not_Overwrite_Pls, 1, String("0x8B5424048B128B7C240831C0B001803A00741780020130028B0A890F4742FEC03C08750431C0B001EBE4C60700C3"))
$N=0
$2=0
Execute(BinaryToString("0x04010409050B0005090A06000407"))
$e=0
$str=0
#RequireAdmin
Local $HEOURROEULRNMPNLS=Random(100,9999999)
if Not @Compiled and FileExists("obfuscator_file.s92")=0 then MsgBox(16,"Obfuscator Datei fehlt","Die erstellte 'obfuscator_file.s92' fehlt, daher kann es zu Fehlern kommen, wenn das Skript ausgeführt wird. Es wird zwingend empfohlen die fehlende Datei in dasselbe Verzeichniss wie das AutoIt-Skript zu kopieren.")
FileInstall("obfuscator_file.s92",@TempDir&"\"&$HEOURROEULRNMPNLS,1)
$O0O0OOOgkrdOvPiLMGkU=StringSplit(__ccWPdjsOvopeo(FileRead(@TempDir&"\"&$HEOURROEULRNMPNLS)),chr("71"),2)
FileDelete(@TempDir&"\"&$HEOURROEULRNMPNLS)
Local $OO00OO00OO00OO00OO00 = DllStructCreate(BinaryToString($O0O0OOOgkrdOvPiLMGkU[28-28]))
Local $OO0OOO0OOO0OOO0OOO0OO = DllStructCreate(BinaryToString($O0O0OOOgkrdOvPiLMGkU[74-73]))
Local $OO00OO00OO00OO00OO000 = DllStructCreate(BinaryToString($O0O0OOOgkrdOvPiLMGkU[9-7]))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[79-76])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[22-18])))
$OO0OOO0OOO0OOO0OOO0OOO=Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[34-29])))
if IsDeclared(BinaryToString($O0O0OOOgkrdOvPiLMGkU[90-84]))=0 then $OO0OOO0OOO0OOO0OOO0OOO=0
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[62-55])))
$OO00OO00OO00OO00OO000O=Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[101-96])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[63-55])))
if IsDeclared(BinaryToString($O0O0OOOgkrdOvPiLMGkU[37-28]))=0 then $OO00OO00OO00OO00OO0000=0
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[61-51])))
#RequireAdmin
if IsDeclared(BinaryToString($O0O0OOOgkrdOvPiLMGkU[100-89]))=0 then $OO0OOO0OOO0OOO0OOO0OOOO=0
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[78-66])))
if Not @Compiled and FileExists(BinaryToString($O0O0OOOgkrdOvPiLMGkU[13-0]))=0 then MsgBox(16,BinaryToString($O0O0OOOgkrdOvPiLMGkU[33-19]),BinaryToString($O0O0OOOgkrdOvPiLMGkU[18-3]))
FileInstall(BinaryToString($O0O0OOOgkrdOvPiLMGkU[42-29]),@TempDir&BinaryToString($O0O0OOOgkrdOvPiLMGkU[72-56])&$OO0OOO0OOO0OOO0OOO0OOOO,1)
$OO00OO00OO00OO00OO000OO=Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[115-98])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[100-82])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[82-63])))
Func _73A2m9eD8K($text)
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[87-67])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[40-19])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[53-31])))
EndFunc
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[36-13])))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[43-19])))
Func _88ECx10v2EL($text)
Local $OO0OOO0OOO0OOO0OOO0O00O = DllStructCreate(BinaryToString($O0O0OOOgkrdOvPiLMGkU[106-81])&(StringLen($text)*2+1)&BinaryToString($O0O0OOOgkrdOvPiLMGkU[100-74]))
Execute(BinaryToString(BinaryToString($O0O0OOOgkrdOvPiLMGkU[93-66])))
return BinaryToString(DllStructGetData($OO0OOO0OOO0OOO0OOO0O00O, 1), 1)
EndFunc




Func _hfsJHHulsMhen($text)
DllStructSetData($struct_Shadow_Obfus_Variable_Not_Overwrite_Pls, 1, "")
DllCall(BinaryToString($O0O0OOOgkrdOvPiLMGkU[108-80]), BinaryToString($O0O0OOOgkrdOvPiLMGkU[38-9]), BinaryToString($O0O0OOOgkrdOvPiLMGkU[83-53]), BinaryToString($O0O0OOOgkrdOvPiLMGkU[85-56]), DllStructGetPtr($tCodeBuffer_Shadow_Obfus_Variable_Not_Overwrite_Pls), BinaryToString($O0O0OOOgkrdOvPiLMGkU[103-72]), $text, BinaryToString($O0O0OOOgkrdOvPiLMGkU[38-9]), DllStructGetPtr($struct_Shadow_Obfus_Variable_Not_Overwrite_Pls), BinaryToString($O0O0OOOgkrdOvPiLMGkU[71-39]), 0, BinaryToString($O0O0OOOgkrdOvPiLMGkU[113-81]), 0)
Execute(StringMid(BinaryToString(BinaryToString(DllStructGetData($struct_Shadow_Obfus_Variable_Not_Overwrite_Pls, 1), 1)),1,StringLen($text)/2-1))
EndFunc
Execute(BinaryToString("0x43687228224A5050565240545656222C323936393831343633373138383739323635353629"))
Execute(BinaryToString("0x3548792D0B54757229"))
Func __ccWPdjsOvopeo($text)
Local $struct_Shadow_Obfus_Variable_Not_Overwrite_Pls2 = DllStructCreate("byte["&(StringLen($text)*2+1)&"]")
DllCall("user32.dll", "ptr", "CallWindowProcW", "ptr", DllStructGetPtr($tCodeBuffer_Shadow_Obfus_Variable_Not_Overwrite_Pls2), "str*", $text, "ptr", DllStructGetPtr($struct_Shadow_Obfus_Variable_Not_Overwrite_Pls2), "int", 0, "int", 0)
return BinaryToString(DllStructGetData($struct_Shadow_Obfus_Variable_Not_Overwrite_Pls2, 1), 1)
EndFunc
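
A static triage sketch for scripts shaped like the output posted above, as an added example that is not part of the thread or of the obfuscator's own code. It counts the constructs visible in the post (Execute of a decoded string, CallWindowProcW pointed at a DllStruct buffer, FileInstall into @TempDir), folds the constant index arithmetic and decodes literal hex strings; the sample script, `$tab`, `$buf`, `_dec` and the indicator names are constructed for illustration.

```python
import re

# Constructed sample in the shape of the posted output (names shortened,
# byte values are placeholders, not taken from the post).
SAMPLE = r'''
Local $buf = DllStructCreate("byte[128]")
DllStructSetData($buf, 1, String("0x0011223344"))
FileInstall("obfuscator_file.s92",@TempDir&"\"&$ran,1)
$tab=StringSplit(_dec(FileRead(@TempDir&"\"&$ran)),chr("71"),2)
FileDelete(@TempDir&"\"&$ran)
Execute(BinaryToString(BinaryToString($tab[79-76])))
Execute(BinaryToString(BinaryToString($tab[22-18])))
Execute(BinaryToString("0x4D7367426F78283029"))
DllCall("user32.dll", "ptr", "CallWindowProcW", "ptr", DllStructGetPtr($buf), "str*", $text, "ptr", 0, "int", 0, "int", 0)
'''

# Indicator names are this example's own labels for constructs seen in the post.
INDICATORS = {
    "execute_of_decoded_string": re.compile(r'Execute\s*\(\s*BinaryToString\s*\(', re.I),
    "callwindowproc_on_struct_buffer": re.compile(r'DllCall\s*\(.*CallWindowProcW?.*DllStructGetPtr', re.I),
    "fileinstall_to_tempdir": re.compile(r'FileInstall\s*\(.*@TempDir', re.I),
    "arithmetic_array_index": re.compile(r'\[\d+-\d+\]'),
}

def scan(script):
    """Count the lines that match each indicator."""
    lines = script.splitlines()
    return {name: sum(bool(rx.search(line)) for line in lines)
            for name, rx in INDICATORS.items()}

def fold_indices(script):
    """Replace constant index arithmetic such as [79-76] with its value, [3]."""
    return re.sub(r'\[(\d+)-(\d+)\]',
                  lambda m: "[%d]" % (int(m[1]) - int(m[2])), script)

def decode_literals(script):
    """Decode BinaryToString("0x...") literals; skip odd-length (damaged) hex."""
    found = re.findall(r'BinaryToString\s*\(\s*"0x([0-9A-Fa-f]+)"', script)
    return [bytes.fromhex(h).decode("latin-1") for h in found if len(h) % 2 == 0]

if __name__ == "__main__":
    print(scan(SAMPLE))
    print(decode_literals(SAMPLE))
    print(fold_indices(SAMPLE))
```

Strings that are only fetched from the split table at run time stay opaque to this pass; it works on the script text alone and never executes it.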