nettitude / PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
BSD 3-Clause "New" or "Revised" License

Add XOR payload for Posh_v4_x64 using a key that can be configured in the project's config yaml file. #263

Closed thehackerish closed 2 years ago

thehackerish commented 2 years ago

Add XOR payload for Posh_v4_x64 using a key that can be configured in the project's config yaml file.

The payload can be extended to support other shellcodes. For the moment, I only tested Posh_v4_x64.

benpturner commented 2 years ago

This looks great! Will try and review asap

thehackerish commented 2 years ago

Thanks @benpturner. Have you been able to test it out?

riskydissonance commented 2 years ago

This is epic @thehackerish, thanks!

Are you able to add similar payloads for other payload types also? E.g. Poshv2, Sharp, PBind etc for consistency?

Should just be a case of handling other shellcode files in XOR-Payloads.py.

riskydissonance commented 2 years ago

Tested and working with Posh v4 shellcode

thehackerish commented 2 years ago

I added support for x86 and x64. Currently, all shellcodes have their own xored C and EXE files. Tested Posh_v4 and Sharp_v4.

riskydissonance commented 2 years ago

Brilliant, thanks!!