Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
Home Page: https://github.com/Warxim/deluder
License: GNU General Public License v3.0
Hi there 👋, I am a software engineer with an interest in cyber security.
I have three main open-source projects:
You can contact me on the following platforms:
When I run deluder with default config I get a bunch of errors saying libraries are missing. This results in being unable to see any encrypted communications as the connection defaults to wsock/tcp. I tried to place (for example) wsock32.dll into each subdirectory in the deluder folder but that was not successful. I've also tried running deluder via python.exe and also as deluder.exe and as low priv user and as admin user but that doesnt seem to make a difference.
PS C:\Users\User\Desktop\deluder-1.2> deluder.exe run -i petep "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"
2024-03-04T18:03:39.617Z [INFO] (Deluder) Starting process for application "['C:\\Windows\\SysWOW64\\WindowsPowerShell\\v1.0\\powershell.exe']"...
2024-03-04T18:03:39.772Z [INFO] (Deluder) Process started with PID "9352".
2024-03-04T18:03:39.773Z [INFO] (Deluder) Created deluder for existing process with PID 9352.
2024-03-04T18:03:39.775Z [INFO] (Deluder) Starting to cause delusions...
2024-03-04T18:03:39.775Z [INFO] (Deluder) Loaded interceptor: petep
2024-03-04T18:03:39.863Z [INFO] (Deluder) Scripts loaded.
2024-03-04T18:03:39.864Z [INFO] (Deluder) Router initialized.
2024-03-05T02:03:41.999Z [INFO] (Script) Process info: id=9352 architecture=ia32 platform=windows
2024-03-05T02:03:41.999Z [INFO] (Script) Function send not found, since library wsock32.dll is missing
2024-03-05T02:03:42.000Z [INFO] (Script) Hooked function send in library ws2_32.dll
2024-03-05T02:03:42.005Z [INFO] (Script) Function sendto not found, since library wsock32.dll is missing
2024-03-05T02:03:42.010Z [INFO] (Script) Hooked function sendto in library ws2_32.dll
2024-03-05T02:03:42.011Z [INFO] (Script) Function recv not found, since library wsock32.dll is missing
2024-03-05T02:03:42.011Z [INFO] (Script) Hooked function recv in library ws2_32.dll
2024-03-05T02:03:42.013Z [INFO] (Script) Function recvfrom not found, since library wsock32.dll is missing
2024-03-05T02:03:42.013Z [INFO] (Script) Hooked function recvfrom in library ws2_32.dll
2024-03-05T02:03:42.013Z [INFO] (Script) Function WSASend not found, since library wsock32.dll is missing
2024-03-05T02:03:42.013Z [INFO] (Script) Hooked function WSASend in library ws2_32.dll
2024-03-05T02:03:42.013Z [INFO] (Script) Function WSASendTo not found, since library wsock32.dll is missing
2024-03-05T02:03:42.017Z [INFO] (Script) Hooked function WSASendTo in library ws2_32.dll
2024-03-05T02:03:42.017Z [INFO] (Script) Function WSARecv not found, since library wsock32.dll is missing
2024-03-05T02:03:42.018Z [INFO] (Script) Hooked function WSARecv in library ws2_32.dll
2024-03-05T02:03:42.018Z [INFO] (Script) Function WSARecvFrom not found, since library wsock32.dll is missing
2024-03-05T02:03:42.021Z [INFO] (Script) Hooked function WSARecvFrom in library ws2_32.dll
2024-03-05T02:03:42.021Z [INFO] (Script) Function closesocket not found, since library wsock32.dll is missing
2024-03-05T02:03:42.022Z [INFO] (Script) Hooked function closesocket in library ws2_32.dll
2024-03-05T02:03:42.022Z [INFO] (Script) Function shutdown not found, since library wsock32.dll is missing
2024-03-05T02:03:42.025Z [INFO] (Script) Hooked function shutdown in library ws2_32.dll
2024-03-05T02:03:42.030Z [INFO] (Script) No matching libraries found for regexes libc.so
2024-03-05T02:03:42.032Z [INFO] (Script) No matching libraries found for regexes libc.so
2024-03-05T02:03:42.034Z [INFO] (Script) No matching libraries found for regexes libc.so
2024-03-05T02:03:42.035Z [INFO] (Script) No matching libraries found for regexes libc.so
2024-03-05T02:03:42.036Z [INFO] (Script) No matching libraries found for regexes libc.so
2024-03-05T02:03:42.040Z [INFO] (Script) No matching libraries found for regexes libc.so
2024-03-05T02:03:42.040Z [INFO] (Script) No matching libraries found for regexes libssl,openssl,ssleay,libeay,libcrypto
2024-03-05T02:03:42.043Z [INFO] (Script) No matching libraries found for regexes libssl,openssl,ssleay,libeay,libcrypto
2024-03-05T02:03:42.046Z [INFO] (Script) No matching libraries found for regexes libssl,openssl,ssleay,libeay,libcrypto
2024-03-05T02:03:42.048Z [INFO] (Script) No matching libraries found for regexes libssl,openssl,ssleay,libeay,libcrypto
2024-03-05T02:03:42.050Z [INFO] (Script) No matching libraries found for regexes libssl,openssl,ssleay,libeay,libcrypto
2024-03-05T02:03:42.051Z [INFO] (Script) No matching libraries found for regexes gnutls
2024-03-05T02:03:42.052Z [INFO] (Script) No matching libraries found for regexes gnutls
2024-03-05T02:03:42.052Z [INFO] (Script) No matching libraries found for regexes gnutls
2024-03-05T02:03:42.052Z [INFO] (Script) Function EncryptMessage not found, since library secur32.dll is missing
2024-03-05T02:03:42.054Z [INFO] (Script) Function DecryptMessage not found, since library secur32.dll is missing
2024-03-04T18:03:42.090Z [INFO] (Deluder) Delusions started.
2024-03-04T18:03:42.098Z [INFO] (Deluder) Waiting for target process to finish...
I've also tried to use my own config.json but I get this error no matter what, even when I copy and paste the minimal config.json in the main README:
python.exe -m deluder run -c .\config1.json "C:\path\to\app.exe"
Traceback (most recent call last):
File "<frozen runpy>", line 198, in _run_module_as_main
File "<frozen runpy>", line 88, in _run_code
File "C:\Users\User\desktop\deluder-1.2\deluder\__main__.py", line 158, in <module>
main()
File "C:\Users\User\desktop\deluder-1.2\deluder\__main__.py", line 105, in main
config_dict = json.load(config_file)
^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\User\AppData\Local\Programs\Python\Python312\Lib\json\__init__.py", line 293, in load
return loads(fp.read(),
^^^^^^^^^^^^^^^^
File "C:\Users\User\AppData\Local\Programs\Python\Python312\Lib\json\__init__.py", line 346, in loads
return _default_decoder.decode(s)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\User\AppData\Local\Programs\Python\Python312\Lib\json\decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\User\AppData\Local\Programs\Python\Python312\Lib\json\decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.