40 lines
1.3 KiB
Markdown
40 lines
1.3 KiB
Markdown
[SECRET//DNR]
|
|
|
|
Secret//DO NOT RELEASE.
|
|
|
|
# Documentation of all files found in this folder.
|
|
|
|
# loader.nim
|
|
|
|
Takes an input bytearray and writes it to disk as first CLI argument when run.
|
|
format:
|
|
[seq[byte]](@[0x40,0x80]
|
|
|
|
# encfile.nim
|
|
Has multiple functions to encrypt text and/or files (streams) with AES-256 derived using HMAC (SHA512_256). Max. password size 1024 characters. Tested. Is suitable for sensitive data.
|
|
Has a fingerprint/is detectable.
|
|
|
|
# OFFENSIVEencfile.nim
|
|
Very stripped-down encryption tool. Takes a stream and encrypts it (AES256 with HMAC SHA512_256). No max. password size.
|
|
Has a fingerprint/is detectable.
|
|
|
|
# Packer.nim
|
|
Ideally a "packer"/loader for the main stage. Still very experimental and needs heavy rework.
|
|
|
|
# checkfile.nim
|
|
Basic program that uses direct/hidden syscalls to know if a file exists. Undetectable in normal conditions.
|
|
Can be chained with other direct syscalls to copy sensitive files.
|
|
|
|
# Browser.nim
|
|
Uses direct syscalls to know if Firefox and Chrome are installed. Afterwards, steals the files, puts them in an encrypted archive and encrypts it with AES-256 (HMAC SHA512_256 derivation). Undetectable in theory and practice. Spoofs PID.
|
|
|
|
# bsod.nim
|
|
Serves a BSOD to targets on Windows.
|
|
|
|
# basicadware.nim
|
|
Basic adware. Selects messages based on a pool. FUD.
|
|
|
|
# mic_reg.nim
|
|
|
|
[Broken]
|
|
Checks if Windows OSD is enabled. |