Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mdsecactivebreach/CACTUSTORCH
CACTUSTORCH: Payload Generation for Adversary Simulations
https://github.com/mdsecactivebreach/CACTUSTORCH
Last synced: 2 months ago
JSON representation
CACTUSTORCH: Payload Generation for Adversary Simulations
- Host: GitHub
- URL: https://github.com/mdsecactivebreach/CACTUSTORCH
- Owner: mdsecactivebreach
- Created: 2017-07-04T10:20:34.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2018-07-03T06:47:36.000Z (almost 6 years ago)
- Last Synced: 2024-01-26T07:37:35.732Z (5 months ago)
- Language: Visual Basic
- Homepage:
- Size: 41 KB
- Stars: 980
- Watchers: 43
- Forks: 239
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Lists
- awesome-threat-detection - CACTUSTORCH - Payload Generation for Adversary Simulations. (Threat Simulation Tools / Related Awesome Lists)
- Awesome-Threat-Detection - CACTUSTORCH - Payload Generation for Adversary Simulations. (Threat Simulation / Tools)
- repo-2396-awesome-threat-detection - CACTUSTORCH - Payload Generation for Adversary Simulations. (Threat Simulation / Tools)
- repo-2430-awesome-threat-detection - CACTUSTORCH - Payload Generation for Adversary Simulations. (Threat Simulation / Tools)
README
```
( ) ( )
( ( ( * ) )\ ) * ) ( /( )\ ) ( ( /(
)\ )\ )\ ` ) /( ( (()/(` ) /( )\())(()/( )\ )\())
(((_|(((_)( (((_) ( )(_)) )\ /(_))( )(_)|(_)\ /(_)|((_)((_)\
)\___)\ _ )\ )\___(_(_())_ ((_|_)) (_(_()) ((_)(_)) )\___ _((_)
((/ __(_)_\(_|(/ __|_ _| | | / __||_ _| / _ \| _ ((/ __| || |
| (__ / _ \ | (__ | | | |_| \__ \ | | | (_) | /| (__| __ |
\___/_/ \_\ \___| |_| \___/|___/ |_| \___/|_|_\ \___|_||_|```
Author and Credits
==================
Author: Vincent Yiu (@vysecurity)Credits:
- @cn33liz: Inspiration with StarFighters
- @tiraniddo: James Forshaw for DotNet2JScript
- @armitagehacker: Raphael Mudge for idea of selecting 32 bit version on 64 bit architecture machines for injection into
- @_RastaMouse: Testing and giving recommendations around README
- @bspence7337: TestingDescription
===========A JavaScript and VBScript shellcode launcher. This will spawn a 32 bit version of the binary specified and inject shellcode into it.
DotNetToJScript can be found here: https://github.com/tyranid/DotNetToJScript
Usage:
======* Choose a binary you want to inject into, default "rundll32.exe", you can use notepad.exe, calc.exe for example...
* Generate a 32 bit raw shellcode in whatever framework you want. Tested: Cobalt Strike, Metasploit Framework
* Run: cat payload.bin | base64 -w 0
* For JavaScript: Copy the base64 encoded payload into the code variable below```var code = "";```
* For VBScript: Copy the base64 encoded payload into the code variable below
```Dim code: code = ""```
* Then run:```wscript.exe CACTUSTORCH.js``` or ```wscript.exe CACTUSTORCH.vbs``` via command line on the target, or double click on the files within Explorer.
* For VBA: Copy the base64 encoded payload into a file such as code.txt
* Run python splitvba.py code.txt output.txt
* Copy output.txt under the following bit so it looks like:
```
code = ""
code = code & " Host CACTUSTORCH Payload
* Fill in fields
* File hosted and ready to go!