The following commands dynamically generate a sliver shellcode:
migrate
getsystem
generate-egg
The current obfuscation process being quite long to run, the symbol obfuscation has been disabled for the first two commands. There is already a --skip-symbols flag for generate-egg which allows to switch the behavior.
Ideally, we'd want to have obfuscation everywhere, even on injected shellcodes. One way to do that would be leverage the database to pull a previously generated sliver, which may require to pre-build shellcode slivers (which is not ideal).
rkervella
commented
3 years ago
The following commands dynamically generate a sliver shellcode:
The current obfuscation process being quite long to run, the symbol obfuscation has been disabled for the first two commands. There is already a
--skip-symbolsflag forgenerate-eggwhich allows to switch the behavior.Ideally, we'd want to have obfuscation everywhere, even on injected shellcodes. One way to do that would be leverage the database to pull a previously generated sliver, which may require to pre-build shellcode slivers (which is not ideal).