Pages: [1]   Go Down
Author Topic: [sugestão] fts chromeext reverse  (Read 3272 times)
kodo no kami
RegMem
*

Karma: +0/-0
Offline Offline

Posts: 44


« on: July 03, 2015, 06:38:42 AM »



essa é uma ferramenta bem pequena porem muito util para analise de malware em extensao do chrome (.crx) \o

github

Code:
/**
 * coder: kodo no kami
 * date: 21/04/2015
**/
 
#include <stdio.h>
#include <stdlib.h>
 
int main(int argc, char **argv){
int salvar = 0;
long long int tam =0, cont = 0;
FILE *arq, *arq2;
char novo, ultimo;

printf("=============================\n" \
"    FTS ChromeExt Reverse\n" \
"=============================\n\n");

if(argc < 3)
{
printf("coder: kodo no kami\nface: www.facebook.com/hacker.fts315\n\nsintaxe: program <extension.crx> <output.zip>\n\nexemple: ./fts \"kodo.crx\" \"kodo.zip\"\n\n");
return 0;;
}

arq = fopen(argv[1],"r");
arq2 = fopen(argv[2],"w");

fseek(arq,0,SEEK_END);
tam = ftell(arq);
fseek(arq,0,SEEK_SET);

while(cont < tam){
novo = fgetc(arq);
if(novo == 'K' && ultimo == 'P' && salvar == 0){
salvar = 1;
putc('P',arq2);
}
if(salvar == 1){
putc(novo,arq2);
}
ultimo = novo;
cont++;
}

printf("extension decompiled!!!\n\n");

fclose(arq);
fclose(arq2);

return 0;
}

« Last Edit: July 03, 2015, 06:42:12 AM by kodo no kami »Logged


Author Topic: [sugestão] fts chromeext reverse(Read 3272 times)
markyoggry
Member
*

Karma: +0/-0
Offline Offline

Posts: 2


« Reply #1 on: August 16, 2015, 11:55:52 PM »



It is difficult to read, and I shot him. It is the knowledge that good.
Logged


Pages: [1]   Go Up
Print
Jump to: