Git Product home page Git Product logo

skcrypter's Introduction

skCrypter

Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+

What is the problem?

#1 Strings

  • Having plain strings stored in the binary file or in memory can help reversering attempts to be much easier.
  • If the program is targeted by string detection scans you had to change the strings everytime you get detected.

#2 Some crypters

  • Decrypt the string on the current stack location. Even though in some situations the stack location is overwritten on returning from a function, especially when the decryption is called from the main function the decrypted string stays on the stack for the lifetime of the stack/program thus leaking it
  • Do not work with both Usermode and Kernelmode
  • Greater overhead
  • Require compiler optimizations enabled
  • Vulnerable against default bruteforcing

Why this crypter?

skCrypter works out of the box with both Usermode + Kernelmode and compiler optimizations on/off (tested with msvsc++19). The overhead is very low and the storage of the string is at a fixed address which is controlable at every time and clearable traceless(builtin function). The encryption is randomized at every compilation and protected against default bruteforcing.

  • Compile time string encryption

    The plain string is not visible in the binary
    
  • Protected against bruteforcing

    The string is randomly(key+algorithm) XOR´ed protecting against default XOR bruteforcing
    
  • Usermode + Kernelmode

    Ready to use solution for both Usermode and Kernelmode
    
  • Traceless

    The string storage can be fully cleared if necessary
    
  • C++11+ support

  • Unicode support

  • Lightweight

    Smallest amount of overhead in comparison to plain text binary
    
  • Easy to use

    Intuitive functions
    
  • Full control

    You can access and manipulate the string storage at any time
    
  • Global lifetime

    The encrypted string has static lifetime until cleared
    
  • Auto decrypt

    You can pass the returned class into a function
    

Example:

Include skCrypter.h

auto testString = skCrypt(L"TestString");	// encrypted at compile-time
						// or skCrypt_key to set the keys manually

wprintf(testString);                            // automatic decryption on usage (alternatively .decrypt())

testString.encrypt();	                        // encrypt after usage if needed again
                                            // or                   
testString.clear();	                        // set full string storage to 0

Important:

  • Compiler Optimization /02 might cause wrong decryption, so use /01 or disable it
  • For Kernel mode __TIME__ has to be enabled by setting "Project properties" -> "Driver Setting" -> "Driver Model" -> "Allow Date, Time and TimeStamp". Alternatively replace __TIME__ with your own keys

skcrypter's People

Contributors

fengjixuchui avatar skadro-official avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.