-= A BETTER EDUCATIONAL WINDOWS FILE ENCRYPTOR SOURCE =-
To answer the question in the replies on my last post about speed: yes, Curve25519 DH + HKDF is faster than RSA. Also, HKDF adds basically no noticeable overhead compared to disk I/O and symmetric encryption. This program is a simpler, better full refactor of the concept in my previous article and fixes some fundamental inaccuracies:
- Removed bolted on network scanner and fixed the local encryption functionality.
- Replaced SHA512 with HMAC-SHA512 from Windows CNG
- Decryption instructions are now patched in, encrypted with XChaCha20 and decrypted at runtime (written to the desktop and to the root of every processed directory).
- Drive enumeration is simplified by using FindFirstVolumeW to iterate all logical volumes on fixed and removable disks instead of targeting user directories.
- Recursive scanning now skips any set system paths and ignored extensions.
- Crypto scheme still uses Curve25519-Donna and XChaCha20, with HKDF-SHA512 generating session keys.
- Desktop / CLI launchable: -noMutex, -h (header only), -f (full), -ds (delete shadow copies using COM + WMI (Win32_ShadowCopy) to enumerate and delete shadow copies)
- Uses the native Windows thread pool and reads/writes files in 1MB chunks
- Checks for admin and triggers a UAC prompt on launch
- Fixed crypto files for consistent WinAPI use without STL or CRT
Each file has a 68-byte file_meta footer for restoration. The builder writes the master keys and the XChaCha20-encrypted note into the binary using marker-based patching. The README_DECRYPT.txt note is now also written to the desktop and to the root of every directory that is encrypted. The code is also tidied up and more uniform.
Not for live malware. Sandbox / VM use only. Hence the lack of network encryption and obfuscation. Only test on files you don't need.
No article, but I will include a wallet for donations if anyone finds this interesting and wishes to support this study and future projects. Many thanks.
XMR: 86TQBM5YYSGFribqAqvJeJ9ktJegfRkTtVH8wrkEzMmTS9sy6Ffvfd157D8LURyfjRANMAXYXMzb6hsVfV8pj7et9NWXC8j
-= CODE WALKTHROUGH: =-
Builder:
1. Generates random 32-byte master_private_key (mk).
2. Derives 32-byte master_public_key (pk) using curve25519_donna.
3. Pre-processes ransom note:
- Encrypts text with XChaCha20 using NOTE_DECRYPTION_KEY and static_nonce.
- Fills NoteData struct: note_size + encrypted_note_buffer.
4. Patches:
- Overwrites "curvpattern" in stub.cpp with master_public_key (pk).
- Overwrites "notepattern" in stub.cpp with NoteData structure.
- Overwrites "decryptpattern" in stub2.cpp with master_private_key (mk).
5. Outputs encryptor.exe, decryptor.exe, master_public.key, and master_private.key.
Encryptor:
1. PRIVILEGE CHECK: Verify the process is running elevated via IsProcessElevated()
- If not elevated, re-launches itself using the "runas" verb to trigger a UAC prompt.
- The original non-privileged process exits while the new elevated instance continues.
2. CLI Parsing (CommandLineToArgvW):
- "-noMutex": Sets g_SkipMutex = true.
- "-h": Sets g_HeaderOnly = true (64KB limit).
- "-f": Sets g_HeaderOnly = false.
- "-ds": Sets g_DeleteShadows = true.
4. Check for Global Mutex "Global\testLockerMutexPOC" unless g_SkipMutex is set.
5. Initializes g_RngProvider (BCRYPT_RNG_ALGORITHM).
6. Decrypts encrypted_note_buffer into g_DecryptedNoteBuffer once at startup.
7. Enumerates all system volumes and retrieves volume_name path names.
8. Recursively calls scan(), excluding DIR_EXCLUSIONS (Windows, AppData, etc.).
9. For each valid file, creates a Thread Pool Work Item (PTP_WORK):
- Increments atomic counter g_ActiveWorkCount to track completion.
10. Per-File Cryptography (inside CryptWorkCallback):
- Generates ephemeral esk and epk via BCryptGenRandom and curve25519_donna.
- Derives shared_secret and derived_key via HKDF_SHA512 with "enc" info string.
- Generates unique 24-byte iv via BCryptGenRandom.
11. Chunked Encryption:
- target_size = g_HeaderOnly ? min(file_size, 64KB) : file_size.
- Read/Write file in IO_CHUNK_SIZE (1MB) chunks using xchacha_encrypt_bytes.
12. Appends metadata footer (file_meta structure: ver, ephemeral_pubkey, iv, orig_sz, mode).
13. Renames file to [filename].locked and drops README_DECRYPT.txt in the directory.
14. Wait for Interlocked g_ActiveWorkCount to reach zero before process exit.
Encrypted file structure looks like:
[Encrypted file data (processed in 1MB chunks)]
[Metadata footer (file_meta)]:
    uint32_t ver (0x00030001)
    uint8_t ephemeral_pubkey[32] (epk)
    uint8_t iv[24]
    uint64_t orig_sz
    uint32_t mode (0 = Full, 1 = Header)
Decryptor:
1. Check for Global Mutex and enumerate all system volumes.
2. Scan for files with the ".locked" extension.
3. For each .locked file, submit a work_item to the Windows Thread Pool.
4. Per-File Decryption (inside DecryptWorkCallback):
- Read file_meta structure from the end of the file.
- Verify ver matches VERSION_IDENTITY (0x00030001).
- Identify footer.mode to determine if decryption is 64KB or Full.
- Perform ECDH: shared_secret = curve25519_donna(master_private_key, footer.epk).
- Derive XChaCha20 key via HKDF_SHA512.
5. Chunked Decryption:
- Process file in IO_CHUNK_SIZE (1MB) chunks using extracted iv and derived key.
- Overwrite encrypted data with decrypted plaintext.
6. Truncate file at footer.orig_sz to remove the metadata footer.
7. Restore original filename by removing ".locked" suffix via MoveFileExW.
8. Synchronize exit using Interlocked g_ActiveWorkCount counter.
-= BUILD & RUN =-
Set to build for release
1. Run encryptor.exe. Can be launched from CLI with flags:
-h (header only encrypt)
-f (full encrypt)
-ds (delete shadow copies)
2. Run matching decryptor.exe to restore
Structure of build directory:
Code:
├── Builder.exe
└── Stub/
    ├── enc.bin
    └── dec.bin
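As an added triage example (not code from the post, its builder or its stub), here is a parser for the file_meta footer described in the walkthrough, written from an incident responder's side: it checks whether a .locked file carries this encryptor's footer and how much of the content the header-only mode left in plaintext. It assumes a packed little-endian layout in the listed field order; the post says 68 bytes while the listed field widths sum to 72, so the size here is computed from the field list, and the sample file images are constructed.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional

VERSION_IDENTITY = 0x00030001  # footer ver value given in the walkthrough
HEADER_LIMIT = 64 * 1024       # "-h" mode encrypts at most the first 64KB
# Packed little-endian layout in the walkthrough's field order (ver, ephemeral_pubkey[32],
# iv[24], orig_sz, mode). Assumption: the post says 68 bytes, these widths sum to 72.
FOOTER_FMT = "<I32s24sQI"
FOOTER_SIZE = struct.calcsize(FOOTER_FMT)  # 72
@dataclass
class FileMeta:
    ver: int
    ephemeral_pubkey: bytes
    iv: bytes
    orig_sz: int
    mode: int  # 0 = full, 1 = header only

    def encrypted_bytes(self) -> int:
        """Bytes of the original content that were actually encrypted."""
        return min(self.orig_sz, HEADER_LIMIT) if self.mode == 1 else self.orig_sz

def parse_footer(data: bytes) -> Optional[FileMeta]:
    """Parse the trailing file_meta of a file image; None if it does not match."""
    if len(data) < FOOTER_SIZE:
        return None
    ver, epk, iv, orig_sz, mode = struct.unpack(FOOTER_FMT, data[-FOOTER_SIZE:])
    if ver != VERSION_IDENTITY or mode not in (0, 1):
        return None
    if orig_sz != len(data) - FOOTER_SIZE:  # stream cipher: body length == orig_sz
        return None
    return FileMeta(ver, epk, iv, orig_sz, mode)

def triage(files: Dict[str, bytes]) -> List[str]:
    """Report .locked files with a valid footer: epk, mode, and plaintext left by -h."""
    report = []
    for name, data in files.items():
        meta = parse_footer(data) if name.endswith(".locked") else None
        if meta is not None:
            report.append(f"{name}: epk={meta.ephemeral_pubkey[:4].hex()}.. mode={meta.mode} "
                          f"encrypted={meta.encrypted_bytes()} "
                          f"plaintext_tail={meta.orig_sz - meta.encrypted_bytes()}")
    return report

# Constructed sample images (no real victim data): full mode, header-only > 64KB,
# a decoy with the wrong version marker, and a file without the .locked suffix.
def _sample(size: int, mode: int, ver: int = VERSION_IDENTITY) -> bytes:
    return bytes(size) + struct.pack(FOOTER_FMT, ver, b"\x11" * 32, b"\x22" * 24, size, mode)
SAMPLES = {"report.docx.locked": _sample(100, 0), "video.mp4.locked": _sample(200_000, 1),
           "notes.txt.locked": _sample(50, 0, ver=0xDEADBEEF), "readme.txt": _sample(50, 0)}
```

The plaintext_tail figure is the practical point for recovery: in -h mode everything past the first 64KB of a large file is untouched, and the epk in each footer is what a decryptor must combine with the master private key, so it is worth preserving in evidence.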