Shellter是一款动态shellcode注入工具,用于在32位Windows应用程序中注入shellcode,兼容Linux和Mac系统。它利用执行流程实现动态注入,避免AV检测,支持多种payload和编码方式,包括Metasploit生成的payload。使用Shellter,用户可以选择注入时机和位置,支持命令行操作。在Kali Linux上,需要Wine环境运行。注入过程包括选择模式、注入程序、设置payload和IP/端口,即使开启杀毒软件,也能有效躲避检测。
先了解一下shellter,原文链接:Shellter | Shellter
https://www.shellterproject.com/introducing-shellter/
原文:
Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
It can be used in order to inject shellcode into native Windows applications (currently 32-bit applications only).
The shellcode can be something yours or something generated through a framework, such as Metasploit.
Shellter takes advantage of the original structure of the PE file and doesn’t apply any modification such as changing memory access permissions in sections (unless the user wants), adding an extra section with RWE access, and whatever would look dodgy under an AV scan.
Shellter uses a unique dynamic approach which is based on the execution flow of the target application, and this is just the tip of the iceberg.
Shellter is not just an EPO infector that tries to find a location to insert an instruction to redirect execution to the payload. Unlike any other infector, Shellter’s advanced infection engine never transfers the execution flow to a code cave or to an added section in the infected PE file.
Main Features
- Compatible with Windows x86/x64 (XP SP3 and above) & Wine/CrossOver for Linux/Mac.
- Portable – No setup is required.
- Doesn’t require extra dependencies (python, .net, etc…).
- No static PE templates, framework wrappers etc…
- Supports any 32-bit paylo
最低0.47元/天 解锁文章
3702
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
