Open Davix478 opened 1 year ago
the reason is so it can os.system pip install (to your admin system interpreter) a third-party library to multithread-kill a random list of programs in the next line:
['Suspend', 'Progress Telerik Fiddler Web Debugger', 'Fiddler', 'Wireshark', 'dumpcap', 'dnSpy', 'dnSpy-x86', 'cheatengine-x86_64', 'HTTPDebuggerUI', 'Procmon', 'Procmon64', 'Procmon64a', 'ProcessHacker', 'x32dbg', 'x64dbg', 'DotNetDataCollector32', 'DotNetDataCollector64', 'HTTPDebuggerSvc', 'HTTP Debugger', 'ida', 'ida64', 'idag', 'idag64', 'idaw', 'idaw64', 'idaq', 'idaq64', 'idau', 'idau64', 'scylla', 'scylla_x64', 'scylla_x86', 'protection_id', 'windbg', 'reshacker', 'ImportREC', 'IMMUNITYDEBUGGER', 'MegaDumper', 'disassembly', 'Debug', '[CPUImmunity', 'MegaDumper 1.0 by CodeCracker / SnD', 'Charles', 'charles', 'OLLYDBG', 'Import_reconstructor', 'codecracker', 'de4dot', 'ilspy', 'graywolf', 'simpleassemblyexplorer', 'x64netdumper', 'hxd', 'petools', 'simpleassembly', 'httpanalyzer', 'httpdebug', 'processhacker', 'memoryedit', 'memory', 'de4dotmodded', 'process hacker', 'process monitor', 'qt5core', 'ida', 'immunity', 'http', 'traffic', 'wireshark', 'fiddler', 'packet', 'hacker', 'debug', 'dnspy', 'dotpeek', 'dottrace', 'procdump', 'manager', 'memory', 'netLimit', 'netLimiter', 'sandbox']
this whole repo is like watching a clown get murdered
it doesn't even do any actual obfuscation, it makes a post request to this website: https://pyob.oxyry.com
lmao
and applies some "custom encryption" that apparently means "symmetric encryption with the secret key distributed along with the ciphertext" (lmao)
this whole repo is just embarrassing and sad
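One way a defender could statically triage a script for the three behaviours raised in this thread (the administrator check, a pip install run through os.system, and an embedded list of analysis-tool process names). This is an added example, not code from the repository or from any commenter; the sample script, the `triage` function, the tool-name subset and the threshold of three names are assumptions.

```python
import ast

# Lowercased subset of the analysis-tool names quoted in the comment above.
ANALYSIS_TOOLS = {"wireshark", "fiddler", "procmon", "processhacker", "x64dbg",
                  "dnspy", "ida64", "ollydbg", "windbg", "procdump"}
MIN_TOOL_HITS = 3  # assumed threshold: fewer matches in one list is treated as noise

# Constructed sample. It is only parsed, never executed; "somepackage" is a placeholder.
SAMPLE = '''
import ctypes, os, sys
if not ctypes.windll.shell32.IsUserAnAdmin() != 0:
    print("Please run this program as administrator.")
    sys.exit(0)
os.system("pip install somepackage")
names = ['Wireshark', 'Fiddler', 'x64dbg', 'dnSpy', 'notepad']
'''

def dotted_name(node):
    """Return 'os.system' for the expression os.system, '' if not a plain dotted name."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return ""
    parts.append(node.id)
    return ".".join(reversed(parts))

def string_constants(node):
    """Collect every string literal under node (also the fixed parts of f-strings)."""
    return [n.value for n in ast.walk(node)
            if isinstance(n, ast.Constant) and isinstance(n.value, str)]

def triage(source):
    """Parse source without running it and report the three behaviours."""
    findings = {"admin_check": False, "shell_pip_install": False, "tool_names": set()}
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Attribute) and node.attr == "IsUserAnAdmin":
            findings["admin_check"] = True
        elif isinstance(node, ast.Call) and dotted_name(node.func) == "os.system":
            command = " ".join(string_constants(node))
            if "pip" in command and "install" in command:
                findings["shell_pip_install"] = True
        elif isinstance(node, (ast.List, ast.Tuple, ast.Set)):
            hits = {s.lower() for s in string_constants(node)} & ANALYSIS_TOOLS
            if len(hits) >= MIN_TOOL_HITS:
                findings["tool_names"] |= hits
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Because the check works on the syntax tree, it applies only to source that is still readable Python; output that has been packed or encrypted has to be unpacked before it is parsed.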
Are you dumb? Those programs are debuggers, and if you select "Anti Debuggers" it needs to kill all debuggers first. And the code works fine and there is no reference to https://pyob.oxyry.com/. So don't talk dogshit if you don't know how to read code.
Hello ?? have you read the code ???? https://github.com/0sir1ss/Anubis/blob/ddfcd15e0bdfe158ce56b37f729496ac0a8ad8bd/anubis.py#L251
Yes ik, but I meant the AntiDebug function. And you can choose between carbon and oxyry obfuscation. So https://pyob.oxyry.com/ is not necessary.
Why does part of the code include this?

```python
if not ctypes.windll.shell32.IsUserAnAdmin() != 0:
    print("Please run this program as administrator.")
    sys.exit(0)
```

The code I'm obfuscating is hello world.