Implemented basic sleep obfuscation via the Ekko technique using WinAPI. Improvement needed!

Jakob Friedl
2025-08-27 00:27:50 +02:00
parent 8791faec3f
commit 00866b30cd
5 changed files with 218 additions and 6 deletions


@@ -7,7 +7,7 @@ import ./[types, utils]
Symmetric AES256 GCM encryption for secure C2 traffic
Ensures both confidentiality and integrity of the packet
]#
proc generateBytes*(T: typedesc[Key | Iv]): array =
proc generateBytes*(T: typedesc[Key | Iv | Key16]): array =
var bytes: T
if randomBytes(bytes) != sizeof(T):
raise newException(CatchableError, protect("Failed to generate byte array."))
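Review bot: `generateBytes` now also accepts `Key16`, but the only documentation above it is the module comment about AES256 GCM, and a 16-byte array cannot be an AES-256 key, so the proc should say what each accepted type is for. I would add a doc comment under the signature such as `## Fills a Key, Iv or Key16 with randomBytes output; raises CatchableError if fewer than sizeof(T) bytes were produced.` The failure path raises a bare `CatchableError`, which callers cannot tell apart from other errors; a specific subtype would be clearer, though that line is not changed by this commit. The proc body continues past the end of the hunk.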


@@ -8,6 +8,7 @@ const
MAGIC* = 0x514E3043'u32 # Magic value: C0NQ
VERSION* = 1'u8 # Version 1
HEADER_SIZE* = 48'u8 # 48 bytes fixed packet header size
STATUS_SUCCESS = 0
type
PacketType* = enum
@@ -79,6 +80,7 @@ type
Key* = array[32, byte]
Iv* = array[12, byte]
AuthenticationTag* = array[16, byte]
Key16* = array[16, byte]
# Packet structure
type
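Review bot: `Key16* = array[16, byte]` is a plain alias with the same underlying type as `AuthenticationTag*` just above it, so the compiler treats the two as interchangeable: a tag can be passed where a `Key16` is expected, and a `typedesc[Key | Iv | Key16]` constraint also matches `AuthenticationTag`. If they are meant to stay separate, declare it as `Key16* = distinct array[16, byte]` (callers then need explicit conversions), or at least add a comment stating what the 16-byte key is used for. In the first hunk of this file, `STATUS_SUCCESS = 0` is the only constant shown without a type suffix or export marker, and it is not a packet-format value; whether it belongs in this block depends on its users, which are not visible here. Both the `const` and `type` blocks continue outside the hunks.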


@@ -3,7 +3,7 @@ import strutils, nimcrypto
import ./types
proc toString*(T: type Bytes, data: seq[byte]): string =
proc toString*(T: type Bytes, data: openArray[byte]): string =
result = newString(data.len)
for i, b in data:
result[i] = char(b)