Documentation ¶
Overview ¶
Package pakkero will pack, compress and encrypt any type of executable. Encryption library
Package pakkero will pack, compress and encrypt any type of executable. Obfuscation library
Package pakkero will pack, compress and encrypt any type of executable.
Package pakkero will pack, compress and encrypt any type of executable. Utilities library
Index ¶
- Constants
- Variables
- func EncryptAESReversed(plaintext []byte, outfile string) (string, error)
- func ExecCommand(name string, args []string) bool
- func GenerateNullString(n int) string
- func GenerateRandomAntiDebug(input string) string
- func GenerateRandomGarbage(size int64) string
- func GenerateStringFunc(txt string, function string) string
- func GenerateTyposquatName(length int) string
- func GzipContent(input []byte) []byte
- func ObfuscateFuncVars(input string) string
- func ObfuscateLauncher(infile string) error
- func ObfuscateStrings(input string) string
- func Pakkero(infile string, offset int64, outfile string, dependency string, compress bool, ...)
- func Random(min, max int64) int64
- func RandomInt64(max int64) int64
- func RegisterDependency(dependency string)
- func ReverseByte(b byte) byte
- func ReverseByteArray(input []byte) []byte
- func ReverseString(input string) string
- func ReverseStringArray(ss []string) []string
- func ShuffleSlice(in []string) []string
- func StripFile(infile string, launcherFile string) bool
- func StripUPXHeaders(infile string) bool
- func Unique(slice []string) []string
Constants ¶
const ( SuccessColor = "\033[1;32m%s\033[0m" WarningColor = "\033[1;33m%s\033[0m" ErrorColor = "\033[1;31m%s\033[0m" )
Colors for strings.
const ERR = 1
ERR Is the exit Code 1.
const OK = 0
OK Is the exit Code 0.
Variables ¶
var LauncherStub = "unset"
LauncherStub Stub of the Launcher.go, put here during compilation time.
var Secrets = map[string][]string{}
Secrets are the group of strings that we want to obfuscate.
Functions ¶
func EncryptAESReversed ¶
EncryptAESReversed Wrapper around AESGCM encryption
this will not only encrypt the payload but: - generate a password using the randomized UPX Binary's sha512_256 sum - cipher the payload with AESGCM using the generated password - swap endianess on all the encrypted bytes - reverse the complete payload.
func ExecCommand ¶
ExecCommand is a wrapper arount exec.Command to execute a command and ensure it's result is not err.
func GenerateNullString ¶
GenerateNullString will return a string with only void chars.
func GenerateRandomAntiDebug ¶
GenerateRandomAntiDebug will Insert random order of anti-debug check together with inline compilation to induce big number of instructions in random order.
func GenerateRandomGarbage ¶
GenerateRandomGarbage creates random garbage to rise entropy.
func GenerateStringFunc ¶
GenerateStringFunc will hide a string creating a function that returns that value as a string encoded with a series of length calculation of randomic string arrays generated.
func GenerateTyposquatName ¶
GenerateTyposquatName is a typosquat name generator based on a length (128 default) this will create a random uniqe string composed only of letters and zeroes that are lookalike.
func GzipContent ¶
GzipContent an input byte slice and return it compressed.
func ObfuscateFuncVars ¶
ObfuscateFuncVars will:
- extract all obfuscation-enabled func and var names:
- those start with "ob*" and will be listed
- for each matching string generate a typosquatted random string and replace all string with that
func ObfuscateLauncher ¶
ObfuscateLauncher the go code of the runner before compiling it.
Basic techniques are applied: - GenerateRandomAntiDebug - ObfuscateStrings - ObfuscateFuncVars.
func ObfuscateStrings ¶
ObfuscateStrings will extract all plaintext strings denotet with backticks and obfuscate them using byteshift wise operations.
func Pakkero ¶
func Pakkero(infile string, offset int64, outfile string, dependency string, compress bool, stdout bool)
Pakkero will Encrypt and pack the payload for a secure execution.
func RandomInt64 ¶
RandomInt64 will return a random number in a range.
func RegisterDependency ¶
func RegisterDependency(dependency string)
RegisterDependency will take a file in input and register the Byte Frequency Distribution (BFD) and some other data to let the launcher do statystical analysis of the found files.
func ReverseByteArray ¶
ReverseByteArray will reverse a slice of bytes.
func ReverseStringArray ¶
ReverseStringArray reverse a slice of strings.
func StripUPXHeaders ¶
StripUPXHeaders will ensure no trace of UPX headers are left so that reversing will be more challenging and break simple attempts like "upx -d" in case of compression.
Types ¶
This section is empty.