NXcrypt - Framework to create backdoors in python [Video]
![NXcrypt - Framework to create backdoors in python [Video]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibtDxw48cfU0LvMRnOYbJsIa27WhY4EcSgJuWT1OLhPsY7Kc0e9Zr20SLErsSQUfkei9GWWGb9eBzvRrGbClGWVzztDviCUpN9iKzAp9U8-HpyYmsgPl6tyDfimavssPi9b1JOQ8gr8c4s/s1600/Screenshot_1-8-640x378.png "NXcrypt - Framework to create backdoors in python [Video]")
NXcrypt
- NXcrypt is a polymorphic crypto "back door" written in python by Hadi Mene (h4d3s). The output is totally undetectable.
- NXcrypt can inject malicious python files into a normal file with multi-threading system.
- Run it with superuser permissions.
- The output of NXcrypt is totally undetectable.
![NXcrypt - Framework to create backdoors in python [Video]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPmjvvfoyW8WC6J7Y04M0LuSAKldtIXZ_IOS3VTkxuIxQLwx_HhGpDEfvNpLh1ZlRv6I6ttpHX1TDhzwoh9ggRW7JeUNN_6uqyn8RDTfsdITPn8czPLqCbYHJ7LD21if3SXBcho26qWN_I/s1600/68747470733a2f2f692e696d6775722e636f6d2f70614a7a6748542e706e67.png "NXcrypt - Framework to create backdoors in python [Video]")
Mode of use
sudo ./NXcrypt.py --file=backdoor.py --output=output_backdoor.py # encrypt backdoor.py and output file is output_backdoor.pysudo ./NXcrypt.py --file=shell.py # encrypt shell.py and default output file is backdoor.py but you can edit it in source codesudo ./NXcrypt.py --help # NXcrypt helpsudo ./NXcrypt.py --backdoor-file=payload.py --file=test.py --output=hacked.py # inject payload.py with test.py into hacked.py with multi-threading systemHow does it work
- Encryption module:
- NXcrypt adds some unwanted codes.
- NXcrypt uses an internal python module 'py_compile' that compiles the code into bytecode in a .pyc file.
- NXcrypt convert .pyc file to normal .py file.
And in this way we can obfuscate the code - The md5sum will also change
- Injection module:
- A malicious python file is injected into a normal file with multi-threading system.
Test in total virus
Before:
SHA256: e2acceb6158cf406669ab828d338982411a0e5c5876c2f2783e247b3e01c2163 File name: facebook.py Detection ratio : 2/54
After:
SHA256: 362a4b19d53d1a8f2b91491b47dba28923dfec2d90784961c46213bdadc80add File name: facebook_encrypted.py Detection ratio: 0/55
Before:
SHA256: e2acceb6158cf406669ab828d338982411a0e5c5876c2f2783e247b3e01c2163 File name: facebook.py Detection ratio : 2/54
After:
SHA256: 362a4b19d53d1a8f2b91491b47dba28923dfec2d90784961c46213bdadc80add File name: facebook_encrypted.py Detection ratio: 0/55
![[EXCLUSIVE!!!] CAPMONSTER PRO 2.10.7.0 CRACKED BY ANONYMOOSE](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidHgK2jErCvRhSbjRWkhYjS_dDaHMHbDQAGUUQtqQpFkLTvHXj-yMVCAxcdE4sfrFNhvsI8OHRmBKeEAHAL_L_uqqygf8ADk5gIaf5Wa4Gv-btL_SmIzjbCUonUNtNztvegMLIoRvSF3IA/s72-c/unknown.png)
![BlackBullet 2.4.4 [Cracked]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKc5nEpTlCYYPXm9yIVxxn5rzIxulCJ5VohirlITjYB60tGvzgy1RxoDGThIytgQ-KEQDDNM9phW6aZm_ZI6scZaTnLddrtt8st6EqiYKvOZEF3HLCxt5rH-dDaqdpYEKj1Mmrq7pFpLIh/s72-c/maxresdefault.jpg)
