I’ve added the functionality to JoeCrypter and have also added a switch to disable the music (help menu). When I think of more evasions, I will add them to the app. <\/p>\n The code is simple enough. Basic std time structures to check for the date and only run for 1 month. The region specific check uses the GetSystemDefaultUILanguage<\/a> api to grab the current language set and checks against the language passed from the main program. <\/p>\n Easy enough right? This ensures our target is only executed in the region we want. The latest version of the crypter is JoeCrypter<\/a> The password is ‘gironsec’.<\/p>\n I will be doing the PIN stuff next post, but for now, enjoy the crypter.<\/p>\n![\"\"](\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2017\/03\/crypter_update.png\")
<\/a><\/p>\n
\n<\/p>\nvoid<\/span> date_specific_check<\/span>(char<\/span> *shortdate)\r\n{\r\n\ttime_t<\/span> rawtime;\r\n\tstruct<\/span> tm * timeinfo;\r\n \tchar<\/span> currentdate[80<\/span>];\r\n \ttime (&rawtime);\r\n \ttimeinfo = localtime(&rawtime);\r\n\tstrftime(currentdate,80<\/span>,"%d\/%m\/%Y"<\/span>,timeinfo);\r\n\r\n\t\/\/get current date, check against current month<\/span>\r\n\tif<\/span>(strstr(currentdate,shortdate))\r\n\t{\r\n\t\treturn<\/span>;\t\/\/ clean return<\/span>\r\n\t}\r\n\telse<\/span>{\r\n\tPassToNoobs();\r\n\t}\r\n}\r\n<\/pre>\n<\/div>\n
\nI’ve omitted some code for space.<\/p>\nvoid<\/span> region_specific_check<\/span>(char<\/span> *region)\r\n{\r\nLANGID id;\r\nchar<\/span> *lang = ""<\/span>;\r\n\r\n\t id = GetSystemDefaultUILanguage();\r\n\t switch<\/span>(id)\r\n\t {\r\n\t\tcase<\/span> 0x0000<\/span>: lang = "Language Neutral"<\/span>; break<\/span>;\r\n\t\tcase<\/span> 0x007f<\/span>: lang = "Locale Invariant"<\/span>; break<\/span>;\r\n\t\tcase<\/span> 0x0400<\/span>: lang = "User Default Language"<\/span>; break<\/span>;\r\n\t\tcase<\/span> 0x0800<\/span>: lang = "System Default Language"<\/span>; break<\/span>;\r\n\t\tcase<\/span> 0x0436<\/span>: lang = "Afrikaans"<\/span>; break<\/span>;\r\n\t\tcase<\/span> 0x041c<\/span>: lang = "Albanian"<\/span>; break<\/span>;\r\n\t\tcase<\/span> 0x0401<\/span>: lang = "Arabic (Saudi Arabia)"<\/span>; break<\/span>;\r\n...\r\n...\r\n...\r\n }\r\n\t\tif<\/span>(strcmp(lang,region))\r\n\t\t{\r\n\t\t\t\r\n\t\t\treturn<\/span> 1<\/span>;\r\n\r\n\t\t}\r\n\t\telse<\/span>\r\n\t\t{\r\n\t\t\tPassToNoobs();\r\n\t\t}\r\n\treturn<\/span> 0<\/span>;\r\n}\r\n<\/pre>\n<\/div>\n