cyobfuscator 1.0.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- cyobfuscator-1.0.0/PKG-INFO +4 -0
- cyobfuscator-1.0.0/pyproject.toml +13 -0
- cyobfuscator-1.0.0/setup.cfg +4 -0
- cyobfuscator-1.0.0/src/cyobfuscator/__init__.py +20 -0
- cyobfuscator-1.0.0/src/cyobfuscator/__main__.py +55 -0
- cyobfuscator-1.0.0/src/cyobfuscator/engine.py +29 -0
- cyobfuscator-1.0.0/src/cyobfuscator/protector.py +23 -0
- cyobfuscator-1.0.0/src/cyobfuscator/storage.py +20 -0
- cyobfuscator-1.0.0/src/cyobfuscator.egg-info/PKG-INFO +4 -0
- cyobfuscator-1.0.0/src/cyobfuscator.egg-info/SOURCES.txt +12 -0
- cyobfuscator-1.0.0/src/cyobfuscator.egg-info/dependency_links.txt +1 -0
- cyobfuscator-1.0.0/src/cyobfuscator.egg-info/entry_points.txt +2 -0
- cyobfuscator-1.0.0/src/cyobfuscator.egg-info/requires.txt +1 -0
- cyobfuscator-1.0.0/src/cyobfuscator.egg-info/top_level.txt +1 -0
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
[build-system]
|
|
2
|
+
requires = ["setuptools>=61.0"]
|
|
3
|
+
build-backend = "setuptools.build_meta"
|
|
4
|
+
|
|
5
|
+
[project]
|
|
6
|
+
name = "cyobfuscator"
|
|
7
|
+
version = "1.0.0"
|
|
8
|
+
dependencies = [
|
|
9
|
+
"cryptography",
|
|
10
|
+
]
|
|
11
|
+
|
|
12
|
+
[project.scripts]
|
|
13
|
+
cyobfuscator = "cyobfuscator.__main__:main"
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
from .engine import obfuscate_content, execute_in_ram
|
|
2
|
+
from .protector import encrypt_payload, decrypt_payload
|
|
3
|
+
from .storage import get_master_key, get_secret_dir
|
|
4
|
+
|
|
5
|
+
# Optional: Version tracking
|
|
6
|
+
__version__ = "1.0.0"
|
|
7
|
+
|
|
8
|
+
# Initialize the environment automatically on import
|
|
9
|
+
try:
|
|
10
|
+
get_secret_dir() # Creates the hidden LocalAppData folder
|
|
11
|
+
get_master_key() # Generates the 200-char master key if missing
|
|
12
|
+
except Exception as e:
|
|
13
|
+
print(f"[!] Cyobfuscator Initialization Warning: {e}")
|
|
14
|
+
|
|
15
|
+
__all__ = [
|
|
16
|
+
"obfuscate_content",
|
|
17
|
+
"execute_in_ram",
|
|
18
|
+
"encrypt_payload",
|
|
19
|
+
"decrypt_payload",
|
|
20
|
+
]
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
import sys
|
|
2
|
+
import argparse
|
|
3
|
+
import json
|
|
4
|
+
from .engine import obfuscate_content, execute_in_ram, generate_triple_map
|
|
5
|
+
from .protector import encrypt_payload, decrypt_payload
|
|
6
|
+
|
|
7
|
+
def main():
|
|
8
|
+
parser = argparse.ArgumentParser(description="Cyobfuscator CLI")
|
|
9
|
+
parser.add_argument("-o", "--obfuscate", action="store_true")
|
|
10
|
+
parser.add_argument("-e", "--encrypt", action="store_true")
|
|
11
|
+
parser.add_argument("-do", "--deobfuscate", action="store_true")
|
|
12
|
+
parser.add_argument("-de", "--decrypt", action="store_true")
|
|
13
|
+
parser.add_argument("filename")
|
|
14
|
+
|
|
15
|
+
args = parser.parse_args()
|
|
16
|
+
|
|
17
|
+
# --- OBFUSCATION & ENCRYPTION ---
|
|
18
|
+
if args.obfuscate and args.encrypt:
|
|
19
|
+
with open(args.filename, "r") as f:
|
|
20
|
+
content = f.read()
|
|
21
|
+
|
|
22
|
+
obf_text, imap = obfuscate_content(content)
|
|
23
|
+
|
|
24
|
+
# Package the mapping and the data together
|
|
25
|
+
bundle = json.dumps({"map": imap, "data": obf_text})
|
|
26
|
+
final_blob = encrypt_payload(bundle)
|
|
27
|
+
|
|
28
|
+
with open(args.filename + ".cy", "wb") as f:
|
|
29
|
+
f.write(final_blob)
|
|
30
|
+
print(f"File {args.filename}.cy created with unique 3-key mapping.")
|
|
31
|
+
|
|
32
|
+
# --- DECRYPTION & DEOBFUSCATION ---
|
|
33
|
+
if args.deobfuscate and args.decrypt:
|
|
34
|
+
with open(args.filename, "rb") as f:
|
|
35
|
+
blob = f.read()
|
|
36
|
+
|
|
37
|
+
# 1. Unlock with Master Key + HWID
|
|
38
|
+
decrypted_bundle = json.loads(decrypt_payload(blob))
|
|
39
|
+
imap = decrypted_bundle["map"]
|
|
40
|
+
obf_data = decrypted_bundle["data"]
|
|
41
|
+
|
|
42
|
+
# 2. Reverse the map
|
|
43
|
+
rev_map = {k: char for char, keys in imap.items() for k in keys}
|
|
44
|
+
|
|
45
|
+
# 3. Rebuild code
|
|
46
|
+
original_code = ""
|
|
47
|
+
for part in obf_data.split('|'):
|
|
48
|
+
if part: # Skip empty strings from split
|
|
49
|
+
original_code += rev_map.get(part, part)
|
|
50
|
+
|
|
51
|
+
print("Executing code directly from RAM...")
|
|
52
|
+
execute_in_ram(original_code)
|
|
53
|
+
|
|
54
|
+
if __name__ == "__main__":
|
|
55
|
+
main()
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import string
|
|
2
|
+
import random
|
|
3
|
+
|
|
4
|
+
def generate_triple_map():
|
|
5
|
+
chars = string.printable
|
|
6
|
+
mapping = {}
|
|
7
|
+
for char in chars:
|
|
8
|
+
keys = []
|
|
9
|
+
for _ in range(3):
|
|
10
|
+
p1 = ''.join(random.choices(string.digits, k=3))
|
|
11
|
+
p2 = random.choice(['/', '!', '@', '#', '$', '%'])
|
|
12
|
+
p3 = random.choice(string.ascii_lowercase)
|
|
13
|
+
keys.append(f"{p1}{p2}{p3}")
|
|
14
|
+
mapping[char] = keys
|
|
15
|
+
return mapping
|
|
16
|
+
|
|
17
|
+
def obfuscate_content(content):
|
|
18
|
+
imap = generate_triple_map()
|
|
19
|
+
result = ""
|
|
20
|
+
for char in content:
|
|
21
|
+
if char in imap:
|
|
22
|
+
# Added '|' as a separator so we can split the keys later
|
|
23
|
+
result += random.choice(imap[char]) + "|"
|
|
24
|
+
else:
|
|
25
|
+
result += char
|
|
26
|
+
return result, imap
|
|
27
|
+
|
|
28
|
+
def execute_in_ram(decrypted_code):
|
|
29
|
+
exec(decrypted_code, globals())
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import subprocess
|
|
2
|
+
from cryptography.fernet import Fernet
|
|
3
|
+
from .storage import get_master_key
|
|
4
|
+
|
|
5
|
+
def get_hwid():
|
|
6
|
+
# Unique ID for the PC
|
|
7
|
+
return str(subprocess.check_output('wmic csproduct get uuid'), 'utf-8').split('\n')[1].strip()
|
|
8
|
+
|
|
9
|
+
def encrypt_payload(data):
|
|
10
|
+
key = get_master_key()
|
|
11
|
+
f = Fernet(key)
|
|
12
|
+
# Combine data with HWID so it only works on this PC
|
|
13
|
+
protected_data = f"{get_hwid()}:::{data}"
|
|
14
|
+
return f.encrypt(protected_data.encode())
|
|
15
|
+
|
|
16
|
+
def decrypt_payload(token):
|
|
17
|
+
key = get_master_key()
|
|
18
|
+
f = Fernet(key)
|
|
19
|
+
decoded = f.decrypt(token).decode()
|
|
20
|
+
hwid, original_data = decoded.split(":::")
|
|
21
|
+
if hwid != get_hwid():
|
|
22
|
+
raise PermissionError("Hardware ID Mismatch. Key is invalid for this PC.")
|
|
23
|
+
return original_data
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import os
|
|
2
|
+
import uuid
|
|
3
|
+
from cryptography.fernet import Fernet
|
|
4
|
+
|
|
5
|
+
def get_secret_dir():
|
|
6
|
+
# Hidden folder in LocalAppData
|
|
7
|
+
path = os.path.join(os.getenv('LOCALAPPDATA'), "Microsoft", "Protocols", "vbs")
|
|
8
|
+
if not os.path.exists(path):
|
|
9
|
+
os.makedirs(path)
|
|
10
|
+
return path
|
|
11
|
+
|
|
12
|
+
def get_master_key():
|
|
13
|
+
key_path = os.path.join(get_secret_dir(), "sys_cache.bin")
|
|
14
|
+
if not os.path.exists(key_path):
|
|
15
|
+
# Generate a unique 200-char style master key (Fernet)
|
|
16
|
+
key = Fernet.generate_key()
|
|
17
|
+
with open(key_path, "wb") as f:
|
|
18
|
+
f.write(key)
|
|
19
|
+
with open(key_path, "rb") as f:
|
|
20
|
+
return f.read()
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
pyproject.toml
|
|
2
|
+
src/cyobfuscator/__init__.py
|
|
3
|
+
src/cyobfuscator/__main__.py
|
|
4
|
+
src/cyobfuscator/engine.py
|
|
5
|
+
src/cyobfuscator/protector.py
|
|
6
|
+
src/cyobfuscator/storage.py
|
|
7
|
+
src/cyobfuscator.egg-info/PKG-INFO
|
|
8
|
+
src/cyobfuscator.egg-info/SOURCES.txt
|
|
9
|
+
src/cyobfuscator.egg-info/dependency_links.txt
|
|
10
|
+
src/cyobfuscator.egg-info/entry_points.txt
|
|
11
|
+
src/cyobfuscator.egg-info/requires.txt
|
|
12
|
+
src/cyobfuscator.egg-info/top_level.txt
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
cryptography
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
cyobfuscator
|