[ExpDev] Custom Go Crypter

bigb0ss
3 min read · Apr 27, 2021

What is Crypter?

A crypter is software that can encrypt, obfuscate and manipulate malware or a RAT (Remote Access Tool) to potentially bypass security products such as antivirus software.

Encryption Process

To create a simple crypter, I will be using the following process:

  • Generate a key with random characters & seed (32 characters hard-coded as of now)
  • AES Encrypt #1 — Initialize the state array with the block data using the key
  • AES Encrypt #2 — Generate IV (Initialization Vector) using block size + length of shellcode
  • AES Encrypt #3 — Run the encryption process using the block and IV
  • Base64 encode the results

Decryption Process

  • Base64 decode the results
  • AES Decrypt #1 — Initialize the state array with the block data using the key
  • AES Decrypt #2 — Check if the length of the IV is equal to the block size
  • AES Decrypt #3 — Run the decryption process using the block and IV
  • Return the decrypted string

I chose the Go programming language to create the crypter.
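For defenders, the output format described above (a Base64 string wrapping an IV and AES ciphertext) is itself a triage signal, because it decodes to near-random bytes. The following Go code is an added example, not code from the original post; it assumes the stored blob is standard Base64 of the IV followed by the ciphertext, and the names `FindEncryptedBlobs`, `normEntropy`, `minDecoded` and the 0.85 threshold are hypothetical choices.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"math"
	"regexp"
)

// Assumed floor for Base64(IV || ciphertext): 16-byte IV + 16 bytes of payload.
const minDecoded = 16 + 16

var b64Run = regexp.MustCompile(`[A-Za-z0-9+/]{24,}={0,2}`)

// normEntropy is Shannon entropy divided by the maximum possible for len(data).
func normEntropy(data []byte) float64 {
	var counts [256]int
	for _, b := range data {
		counts[b]++
	}
	h, n := 0.0, float64(len(data))
	for _, c := range counts {
		if c > 0 {
			p := float64(c) / n
			h -= p * math.Log2(p)
		}
	}
	return h / math.Min(8, math.Log2(n))
}

// FindEncryptedBlobs returns Base64 runs that decode to long, high-entropy data.
func FindEncryptedBlobs(src []byte, threshold float64) []string {
	var hits []string
	for _, m := range b64Run.FindAll(src, -1) {
		raw, err := base64.StdEncoding.DecodeString(string(m))
		if err == nil && len(raw) >= minDecoded && normEntropy(raw) >= threshold {
			hits = append(hits, string(m))
		}
	}
	return hits
}

func main() {
	// Constructed sample: 80 distinct bytes stand in for IV || ciphertext.
	blob := make([]byte, 80)
	for i := range blob {
		blob[i] = byte(i*37 + 11)
	}
	src := `var payload = "` + base64.StdEncoding.EncodeToString(blob) + `"`
	fmt.Println(FindEncryptedBlobs([]byte(src), 0.85))
}
```

Compressed data and legitimate ciphertext also score high, so hits are leads for review rather than verdicts.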

Generate Key Code


bigb0ss

OSWE | OSCE | OSCP | CREST | Principal Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security