Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <fstream>
- #include <iostream>
- #include <chrono> // std::chrono::microseconds
- #include <thread> // std::this_thread::sleep_for;
- #include <string>
- #include <windows.h>
- #include <sstream>
- using namespace std;
- /**
- This function blocks the mousre and the keyboar.
- */
- void BlockMouseKeyBoard();
- std::string checkVariable(const std::string& input);
- void foo(std::ofstream);
- /**
- This function checks if the app run by admin or not.
- Return value:
- True - Run by the admin
- False - Not run by the admin.
- */
- BOOL isAdmin();
- /**
- This function write to file the flag and after
- 1000 microseconds delete the flag.
- */
- void sub_6c6f6c();
- int main(int argc, char **argv)
- {
- if (!isAdmin())
- {
- cout << "Please run as administrator.\n";
- system("pause");
- return 0;
- }
- if (argc > 1)
- {
- string path(argv[1]);
- //check if the app got from the user exe file.
- if (path.find(".exe") == string::npos)
- {
- cout << "Please give me correct file.\n";
- system("pause");
- return 0;
- }
- else
- {
- //Run the cmd file on new proccess
- system(("start " + path + " &").c_str());
- }
- }
- thread t(sub_6c6f6c);
- t.detach();
- thread t2(BlockMouseKeyBoard);
- t2.detach();
- system("pause");
- return 0;
- }
- BOOL isAdmin() {
- BOOL fRet = FALSE;
- HANDLE hToken = NULL;
- if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
- TOKEN_ELEVATION Elevation;
- DWORD cbSize = sizeof(TOKEN_ELEVATION);
- if (GetTokenInformation(hToken, TokenElevation, &Elevation, sizeof(Elevation), &cbSize)) {
- fRet = Elevation.TokenIsElevated;
- }
- }
- if (hToken) {
- CloseHandle(hToken);
- }
- return fRet;
- }
- void sub_6c6f6c()
- {
- while (1)
- {
- //std::ofstream file("flag.txt");
- foo(std::ofstream("flag.txt"));
- //file.close();
- this_thread::sleep_for(std::chrono::microseconds{ 100 });
- std::ofstream file("flag.txt");
- file << "";
- file.close();
- }
- }
- void BlockMouseKeyBoard()
- {
- int i = 0;
- while (true)
- {
- BlockInput(true);
- i++;
- }
- }
- std::string checkVariable(const std::string& input)
- {
- // choose a power of two => then compiler can replace "modulo x" by much faster "and (x-1)"
- const size_t passwordLength = 16;
- // at least as long as passwordLength, can be longer, too ...
- static const char password[passwordLength] = "invalid pointer";
- // out = in XOR NOT(password)
- std::string result = input;
- for (size_t i = 1; i < input.length(); i++)
- result[i] ^= ~password[i % passwordLength];
- return result;
- }
- void foo(std::ofstream f)
- {
- //char bytes[] = { 0x4d, 0xffffffdc ,0xffffffca ,0xffffffe5 ,0xffffffda ,0xfffffff7 ,0xfffffff6 ,0xffffff8b ,0xffffffe7 ,0xfffffff5 ,0xffffffa6 ,0xffffffff ,0xffffffee ,0xffffffcd ,0xffffffe5 ,0xffffffcf ,0xffffffc4 ,0xffffffa2 ,0xffffffff ,0xfffffffb ,0xffffffe1 ,0xffffffe5 ,0xfffffffe ,0xffffffa2 };
- char bytes[] = { 0x4d, 0xffffffdc, 0xffffffca, 0xffffffe5, 0xffffffca, 0xffffffa6, 0xffffffee, 0xffffff9b, 0xffffffbe, 0xfffffff4, 0xffffffd7, 0xffffffd6, 0xfffffff9, 0xffffffa9, 0xffffffec, 0xffffffc8, 0xffffffdc, 0xffffffa1, 0xffffffeb, 0xffffffe3 , 0};
- std::string s = checkVariable(bytes);
- /*for each (char var in s)
- {
- cout << "HEX " << hex << (int)var << endl;
- }*/
- std::string ans = "";
- int not_important = 156;
- for (int i = 0; i < s.length();i++) {
- //std::cout << std::hex << int(s[i]) << " ";
- try {
- if ((i + 1 % (i + 101)) & (i + 12) ^ 987 - 156 + 8498 == bytes[0])
- {
- std::cout << i << std::endl;
- }
- else
- {
- not_important += ~16844 | i;
- not_important ^= ~9874;
- not_important /= 16584 << i | 18984;
- }
- }
- catch (std::exception& e)
- {
- not_important = 545;
- }
- ans += s[i];
- }
- //std::cout << ans << std::endl;
- f << s;
- f.close();
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
