Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Release] Kal El: Protecting your Applications

Majii Guy
Majii Guy
in Programming and Coding

Featured Replies

Posted
I wrote a class that uses a blend of polymorphic code; something I originally wrote for another user, who had too much trouble integrating it, I figure the community could use it.

The PHP script attached will verify an account ID given over a network pipe, then return the requested function. The script should store all valuable functions in an encoded/encrypted/encoded buffer, which the client will fetch when needed, decrypt, load to stack, and execute.

For an example, check out the WinMain.cpp file, and take note of the "GetFunction" and "QueueFunction".

The kePolymorphic class is, essentially, just a large NOP; a number of random instructions are completed on each run, but the instructions don't change, only which instructions get executed. That's where I would personally store strings that should appear interesting to a potential reverser, but in all reality, do nothing of value (As seen with examples such as "@lawnmower", "@godmode", etc).

Most, if not all of the strings in the library are encoded; you'll have to modify the host encoded buffer and the request to your specific server, where the modified PHP script would be hosted.

Lastly, there is a key in the keConfig.h file, you can modify it or not; I personally would. Below is a python script for encrypting given buffers, then writing to a file, "key.txt".

#!/usr/bin/python

from time import sleep

eiEncrypt_Key = [ 0xA9, 0x9F, 0x02, 0x87, 0x3A, 0x16, 0xFF, 0x6F, 0x75, 0x74 ]

eiDecrypt_Key = [ 0x74, 0x75, 0x6F, 0xFF, 0x16, 0x3A, 0x87, 0x02, 0x9F, 0xA9 ]

def eiCrypt_Encrypt( eiString ):

i = 0

while eiString != 0x00:

j = 0

for l in eiEncrypt_Key:

eiString ^= eiEncrypt_Key[j]

j+=1

i+=1

return eiString

def eiCrypt_Decrypt( eiCryptedString ):

i = 0

while eiCryptedString != 0x00:

j = 0

for l in eiEncrypt_Key:

eiCryptedString ^= eiDecrypt_Key[j]

j+=1

i+=1

return eiCryptedString

x = input()

k = 0

m = []

while k < len ( x ):

m.append ( ord( x[k] ) )

k += 1

realstring = ""

m.append ( 0x00 )

for x in eiCrypt_Encrypt(m):

if x != 0x00:

realstring += "'\\x"+str(hex(x)).strip("0x")+", "

f = open ( "key.txt", "wb" )

k = " { %s };" % realstring

f.write ( k )

f.close ( )

Enjoy, everybody!

http://www.sendspace.com/file/wnbgdq

Use it as you want, credits or not; it's not terribly messy, some parts were a bit inflexible (e.g.: The GetFunction function should accept one or two more parameters for the hostname and request to be sent, etc). Otherwise, I think it works fairly well.

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.