You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,6 @@
1
1
#Shellware
2
2
3
-
Upon execution Shellware will prompt for administrative privileges, once granted it wil copy itself to the C:\Users directory and add a registry entry for persistence. It will open port 8899 on the target machine and listen for a connection. Once a connection is established the program spawns an interactive OS shell. Too make the program a little less suspiscious it might prudent to bind Shellware.exe to an innocent binary for deployment.
3
+
Upon execution Shellware will prompt for administrative privileges, once granted it wil copy itself to the C:\Users directory and add a registry entry for persistence. It will open port 8899 on the target machine and listen for a connection. Once a connection is established the program spawns an interactive OS shell. To make the program a little less suspiscious it might prudent to bind Shellware.exe to an innocent binary for deployment.
4
4
5
5
Furthermore, the program attempts to tamper with certain registry entries to protect itself somewhat(and be generally annoying). The registry tampering attempts
6
6
to disable error reporting, system restore and tries to disable LUA. I've had mixed results on different Windows platforms, however a registry entry for persistence has
0 commit comments