Closed Mantraufo closed 3 years ago
klezVirus
commented
3 years ago Hi Mantrauf! Thanks a lot for that! Should be fixed in 968170889d867ac8e4c385fd5f27b3d7cf4aed36.
I might get rid of the EXEs sooner or later and just add the download/unpacking routine in update_config, but for now, it's done! ;)
Mantraufo
commented
3 years ago Thank you very much for this beautiful project, how can I send some templates that I plan to start developing?
klezVirus
commented
3 years ago You're welcome! It was fun to implement, and there are still several milestones on the project plan.
Regarding the development of new templates, you are welcome to just clone the repo and submit them via PR. Just a word of notice here, though: I'll recommend submitting only templates only if you have a good reason to submit them. Valid reasons may be:
The reason behind this choice is that defenders are always on us. So the more the templates, the more the signatures they will produce.
First of all thanks for such an incredible work, I am testing some modules , there is an error in the obfuscating part, greetings
[] Multiple compatible templates identified, choose one: 0: assembly_load.cs 1: classic.cs $> 1 [+] .Net Artifact Generator Started At 2021-08-03 20:47:24.632763 [] Phase 0: Loading... [] Phase 1: Converting binary into shellcode [>] Transformer: Donut [] Phase 2: Encoding [>] Phase 2.1: Using Shikata-Ga-Nai x64 to encode the shellcode [] Encoded filename: C:\Users\LENOVO\Documents\NoteMalware\inceptor\inceptor\temp\tmp4kwjc6t_.raw.sgn [>] Phase 2.2: Using Inceptor chained encoder to encode the shellcode [>] Encoder Chain: HexEncoder [>] Shellcode size: 111282 [>] Shellcode Signature: da5bd58bc1938f68afc1895744dc763b9af944ca [] Phase 3: Generating source files using CLASSIC [>] Phase 3.1: Writing CS file in .\temp\tmp00jwrseu.cs [] Phase 4: Compiling [] Phase 5: Obfuscate dotnet binary [#] Multiple obfuscators identified, choose one: 0: AsStrongAsFuck 1: ConfuserEx 2: LoGIC_NET $> 1 Traceback (most recent call last): File "C:\Users\LENOVO\Documents\NoteMalware\inceptor\inceptor\obfuscators\Obfuscator.py", line 42, in from_name obfuscator_instance = obfuscator_class(kwargs=kwargs['kwargs']) File "C:\Users\LENOVO\Documents\NoteMalware\inceptor\inceptor\obfuscators\dotnet\ConfuserEx.py", line 29, in init raise FileNotFoundError(f"[-] Missing {self.name} obfuscator utility file") FileNotFoundError: [-] Missing ConfuserEx obfuscator utility file Traceback (most recent call last): File "C:\Users\LENOVO\Documents\NoteMalware\inceptor\inceptor\generators\DotNetArtifactGenerator.py", line 219, in generate self.generate_wrapped() File "C:\Users\LENOVO\Documents\NoteMalware\inceptor\inceptor\generators\DotNetArtifactGenerator.py", line 277, in generate_wrapped self.obfuscate_exe() File "C:\Users\LENOVO\Documents\NoteMalware\inceptor\inceptor\generators\DotNetArtifactGenerator.py", line 149, in obfuscate_exe new_file = obfuscator.obfuscate() AttributeError: 'NoneType' object has no attribute 'obfuscate'