PET - Poly/encrypting engine tester    [by BlueOwl]

  

        ; PET - Poly/encrypting engine tester
        ; ***********************************

        ; Actually, there are not *a lot* of people exercising encryptings and
        ; polymorphic engines these days anymore. So for the people who are coding,
        ; or want to code this stuff i made this code.

        ; What you have to do is simple, you simply attach your poly engine to the
        ; back of this file, and make sure it accepts all parameters correctly. Then
        ; compile and run this file. It will use your poly engine to encrypt a little
        ; test code and compile it into a real program which it executes. So this
        ; way you can test your poly engine easy, without having to use tons of batch
        ; files of manual copys. If you are using FASM, simply press F9. If you rather
        ; not have the new file executed too, comment the *** and all will be well.

        ; Good luck, i hope you can find some use for this ;)

        ; BlueOwl


                ; equates (you can change them)

                max_decryptor_size      equ 4096
                code_to_crypt_size      equ 204         ; do not change this to a lower value

format PE GUI 4.0

include '%fasminc%/win32a.inc'

entry start

section '.idata' readable writeable import

                library kernel32,'KERNEL32.DLL',\
                        shell32,'SHELL32.DLL'
                include '%fasminc%/apia/kernel32.inc'
                include '%fasminc%/apia/shell32.inc'

section '.text' code readable writeable executable

start:          invoke  GlobalAlloc,GMEM_FIXED,max_decryptor_size
                xchg    eax, edi
                push    edi

                invoke  CreateFile,nfile,GENERIC_WRITE,0,0,\
                        CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0
                cmp     eax, INVALID_HANDLE_VALUE
                jz      dealloc
                push    eax

                mov     esi, test_code
                mov     ecx, code_to_crypt_size
                invoke  GetTickCount
                mov     edx, 00041000h
                call    poly_engine             ; eax = size of outputted

                xchg    eax, esi                ; esi = size of decryptor

                mov     ebx, 1000h
                add     ebx, esi
                mov     dword [peheader+80], ebx        ; fix imagesize
                mov     dword [sectionheader+8], esi    ; fix physical size
                mov     dword [sectionheader+16], esi   ; fix virtual size

                pop     edi

                invoke  WriteFile,edi,mzheader,512,nbr,0 ; write mz and peheader to file
                mov     ebx, [esp]
                invoke  WriteFile,edi,ebx,esi,nbr,0     ; write polymorphic engine to file

                invoke  CloseHandle,edi                 ; closeup
dealloc:        invoke  GlobalFree

                invoke  ShellExecute,0,0,nfile,0,0,0    ; ***
                ret

                nfile   db "testfile.exe",0

                ; this is the test code which will be encrypted by your
                ; polymorphic engine

test_code       db      05Bh,053h,066h,029h,0DBh,066h,081h,03Bh,04Dh,05Ah
                db      074h,008h,081h,0EBh,000h,000h,001h,000h,0EBh,0F1h
                db      08Bh,053h,03Ch,001h,0DAh,081h,03Ah,050h,045h,000h
                db      000h,075h,0E4h,0E8h,00Dh,000h,000h,000h,04Ch,06Fh
                db      061h,064h,04Ch,069h,062h,072h,061h,072h,079h,041h
                db      000h,05Fh,0E8h,052h,000h,000h,000h,0E8h,007h,000h
                db      000h,000h,075h,073h,065h,072h,033h,032h,000h,0FFh
                db      0D2h,093h,0E8h,00Ch,000h,000h,000h,04Dh,065h,073h
                db      073h,061h,067h,065h,042h,06Fh,078h,041h,000h,05Fh
                db      0E8h,02Ch,000h,000h,000h,06Ah,040h,0E8h,005h,000h
                db      000h,000h,054h,065h,073h,074h,000h,0E8h,016h,000h
                db      000h,000h,053h,075h,063h,063h,065h,073h,073h,066h
                db      075h,06Ch,06Ch,079h,020h,065h,078h,065h,063h,075h
                db      074h,065h,064h,000h,06Ah,000h,0FFh,0D2h,0C3h,08Bh
                db      053h,03Ch,001h,0DAh,08Bh,052h,078h,001h,0DAh,08Bh
                db      072h,020h,001h,0DEh,029h,0C9h,041h,0ADh,001h,0D8h
                db      057h,056h,096h,0ACh,008h,0C0h,074h,00Ah,047h,03Ah
                db      047h,0FFh,074h,0F5h,05Eh,05Fh,0EBh,0EAh,05Eh,05Fh
                db      08Bh,072h,024h,001h,0DEh,00Fh,0B7h,00Ch,04Eh,049h
                db      08Bh,072h,01Ch,001h,0DEh,08Bh,014h,08Eh,001h,0DAh
                db      0C3h,000h,000h,000h

                ; This is the header this prog will write to file.

mzheader        db      04Dh,05Ah,080h,000h,001h,000h,000h,000h,004h,000h
                db      010h,000h,0FFh,0FFh,000h,000h,040h,001h,000h,000h
                db      000h,000h,000h,000h,040h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      080h,000h,000h,000h,00Eh,01Fh,0BAh,00Eh,000h,0B4h
                db      009h,0CDh,021h,0B8h,001h,04Ch,0CDh,021h,074h,068h
                db      069h,073h,020h,070h,072h,06Fh,067h,072h,061h,06Dh
                db      020h,063h,061h,06Eh,06Eh,06Fh,074h,020h,062h,065h
                db      020h,072h,075h,06Eh,020h,069h,06Eh,020h,044h,04Fh
                db      053h,020h,06Dh,06Fh,064h,065h,02Eh,00Dh,00Ah,024h
                db      000h,000h,000h,000h,000h,000h,000h,000h
peheader        db      050h,045h,000h,000h,04Ch,001h,001h,000h,070h,034h
                db      092h,041h,000h,000h,000h,000h,000h,000h,000h,000h
                db      0E0h,000h,08Eh,081h,00Bh,001h,001h,036h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,010h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,040h,000h,000h,010h,000h,000h
                db      000h,002h,000h,000h,001h,000h,000h,000h,000h,000h
                db      000h,000h,004h,000h,000h,000h,000h,000h,000h,000h
                db      0C9h,010h,000h,000h,000h,002h,000h,000h,005h,049h
                db      000h,000h,002h,000h,000h,000h,000h,010h,000h,000h
                db      000h,010h,000h,000h,000h,000h,001h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,010h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h
sectionheader   db      02Eh,066h,06Ch,061h,074h,000h,000h,000h,0C9h,000h
                db      000h,000h,000h,010h,000h,000h,000h,002h,000h,000h
                db      000h,002h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,060h,000h,000h,0E0h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
                db      000h,000h,000h,000h,000h,000h

nbr             dd 0

; ########################################################################################

        ; Your poly engine
        ;
        ; in:   eax = random
        ;       ecx = size of code (204 bytes)
        ;       *edx = where the decryptor will be loaded (*optional use)
        ;       esi = start of code
        ;       edi = start of output buffer (4096 bytes)

        ; out:  eax = size of code outputted to the output buffer
        ;       other registers do not matter


poly_engine:

                ; your code here ;)


                ret