I don't understand.. it de-compiles it and then compiles it again? Causing it to not work anymore? I'm rather surprised it even compiles
I was messing around trying to create a program that could take an exe modify its code into another unseen md5 hash to share to the world then restore it to it's original state.
Welp I did it. I can't say weather or not it would actually be useful to anyone here as there are some other gray places it may fit better.
Clearly it's not the most advanced code as I'm not trying to hide how it's done.
It takes and converts your exe to text then modifies a portion of the text before recompiling creating a non working piece of art.
Upon taking that piece of art and choosing the restore option it brings the exe back into it's original state.
Would this be interesting to anyone or no? I know other things do it but this would be free and is rather simple.
The file output size is bigger until restored.
Looking forward to some feedback.
Edit: It uses a technique I wrote in C# and the typical Base64 obfuscation methodology tied in.
I will be creating more and more advanced variants of the program over time. Bringing files that are not even distinguishable to the original while still being able to be brought back.
Once I feel it is solid I will move onto allowing all file types.
Last edited by IfOnlyYouKnew; 04-05-2022 at 07:40 PM.
I don't understand.. it de-compiles it and then compiles it again? Causing it to not work anymore? I'm rather surprised it even compiles
Put simply yes, I was having more issues than expected because as you can imagine certain files could not be re-compiled using this method, although I think I just realized a way to at the very least work around the issue and make any exe you would need to work by allowing you to change the code in which it will obfuscate ahead of time. The reason it's able to recompile is because if done right it won't read as an obfuscated EXE but instead a mz exe. There were certain things still detecting the c99.php but if written into binary first then placed in the EXE it passed. I'll upload the Program here soon, it has bugs as it was honestly an idea I thought may not work but did ...also I'm not the best coder or hacker so double surprise to me that it worked. Uploading in 10.
Encrypt You
Use: Get EXE ready.....Choose obfuscation if you enter no String or Letter in the boxes they default to "AA" "++"
Virus Scans:
https://www.virustotal.com/gui/file/...f9f0?nocache=1
https://virusscan.jotti.org/en-US/fi...job/k509p2r479
1 False flag on the Zip, 5 False flags on the program. Sorry lol.
Do note since you have control over what it obfuscates to and from....not everything will work and somethings may show virus counts and etc. if done wrong. If really done wrong it just won't work. You have the power now.
The program doesn't self clean the best only as needed, so you may need to self clean after obfuscation and restore as well.
If output is correct you will get a file in the BaseDirectory named: Encrypted.exe
To ensure its correct move the file to another location then attempt to Restore it. (Remember to clean up first) [The settings must match the Obfuscation String and Letters or it cannot restore]
If all's well that ends well then you should have a file called Restore.exe and it should run the same as the original.
Also: Certain exe may take extensive time and or not translate correctly, so be patient and don't expect every exe in the world to work.......although I've tested quite a few that do.
Also I'm shit, soooo....yeah take that as it is.
Edit: If files like this aren't allowed please let me know and I will not upload such.
Edit: Scans example: Obfuscated | Normal/Restored
Last Edit: You will have to match your settings just right for certain EXE and AGAIN note that it is using Base64 meaning the reason somethings don't work is do to layout/error in translating back for instance you replace "AA" with "++" while in some cases this may work and has, some files contain values such as "++++"/etc... so when it goes to switch back it will switch all "++" back and will catch the "++++" as well destroying the file and not working. Its a bit tedious at times getting it right.
Lastly if you replace "A" with "SomeWord" when trying to switch back the word "SomeWord" may have split into "Som" then next line "eWord" therefore it's no longer "SomeWord" and won't change at all.
Also I can provide Source for whoever want's to make a "Good" program out of it.
Last edited by IfOnlyYouKnew; 04-16-2022 at 01:16 AM.
Although decompiling it would probably work just fine to get the source for those not wanting to wait for an upload.
IfOnlyYouKnew (04-28-2022)
[MPGH]meme (05-01-2022)