-
Notifications
You must be signed in to change notification settings - Fork 3
/
madcrypt.sh
103 lines (96 loc) · 2.57 KB
/
madcrypt.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# madcrypt version 1.0
## variables
### maddir: initial working directory
clear
maddir=$PWD
## dependency check
sleep 1
echo '[+] dependency check...'
if [ ! which strip > /dev/null 2>&1 ]; then
sleep 0.5
echo '[>] binutils missing! exiting...'
echo
exit 1
fi
if [ ! which upx > /dev/null 2>&1 ]; then
sleep 0.5
echo '[>] upx compressor missing! exiting...'
echo
exit 1
fi
if [ ! -f $maddir/bin/madfill.py ]; then
sleep 0.5
echo '[!] madfill missing! exiting...' >&2
echo
exit 1
fi
if [ ! -f $maddir/bin/sigthief/sigthief.py ]; then
sleep 0.5
echo '[!] sigthief missing! exiting...' >&2
echo
exit 1
fi
sleep 0.5
echo '[+] done!'
sleep 1
## script
### working variables:
### exePath: path of PE to obfuscate
### signChoice: PE signing boolean
### some ascii
echo " _ _ "
echo " mado-95's | | | |"
echo " _ __ ___ __ _ __| | ___ _ __ _ _ _ __ | |_"
echo " | _ _ \ / _ |/ _ |/ __| __| | | | '_ \| __|"
echo " | | | | | | (_| | (_| | (__| | | |_| | |_) | |_"
echo " |_| |_| |_|\__,_|\__,_|\___|_| \__, | .__/ \__|"
echo " __/ | |"
echo " |___/|_| v1.0"
echo
sleep 1
### basic configuration
read -p '[-] enter path to pe: ' exePath
if [ ! -f $exePath ]; then
sleep 0.5
echo '[!] file doesnt exist! exiting...'
echo
exit 1
fi
sleep 0.3
echo '[+] do you want to sign pe?'
sleep 0.3
echo ' - signature will be copied from different'
echo ' executable, and appended onto your pe'
sleep 0.3
echo ' - this is done by sigthief (not my software)'
sleep 0.3
read -p '[-] answer y/n: ' signChoice
sleep 1
### pe obfuscation begins
echo '[+] stripping...'
strip --strip-all $exePath > /dev/null 2>&1
sleep 0.3
echo '[+] pumping...'
python2 $maddir/bin/madfill.py $exePath 3 > /dev/null 2>&1
sleep 0.3
echo '[+] compressing...'
upx --force $exePath > /dev/null 2>&1
sleep 0.3
case $signChoice in
[Yy]* ) default_signature=$maddir/exes/putty.exe
read -p '[-] specify signature template: ' signature
sleep 0.3
echo '[+] signing...'
signature="${signature:-${default_signature}}"
python $maddir/bin/sigthief/sigthief.py -i $signature -t $exePath -o $maddir/tmp.exe > /dev/null 2>&1
rm -f $exePath && mv $maddir/tmp.exe $exePath
sleep 0.3;;
* ) ;;
esac
echo '[-] stripping again...'
strip --strip-all $exePath > /dev/null 2>&1
echo '[-] pumping again...'
python2 $maddir/bin/madfill.py $exePath 3 > /dev/null 2>&1
sleep 0.3
echo '[!] done!'
exit 0