神兵利器 | 技术分享CS二开--特征消除2
VSole2023-05-16 15:43:53
cobaltstrike4.5特征消除2
修改了内置stage的配置,实现硬性特征消除
修改部分payload,实现基本免杀
修改checksum8 判等参数
public static long checksum8(String text) {
if (text.length() < 4) {
return 0L;
}
text = text.replace("/", "");
long sum = 0L;
for (int x = 0; x < text.length(); ++x) {
sum += text.charAt(x);
}
return sum ;
}
修改随机生成算法
写入方法,传值
public static void main(String []args) {
String key = "0797809e694f99998172aec328c672f26eea6a664.cs";
long flag = checksum8(key);
System.out.println(flag);
}}
public static boolean isStager(String uri) {
return checksum8(uri) == ****;
修改传值
修改common/CommonUtils的
public static String MSFURI(final int n) {
final String[] array = toArray("a, b, c, d, e, f, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, x, y, z, A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9");
StringBuffer sb;
do {
sb = new StringBuffer(n + 1);
sb.append("/");
for (int i = 0; i < n; ++i) {
sb.append(pick(array));
}
} while (checksum8(sb.toString()) != ****);
return
public static String MSFURI_X64() {
final String[] array = toArray("a, b, c, d, e, f, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, x, y, z, A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9");
String string;
do {
string = "/" + pick(array) + pick(array) + pick(array) + pick(array);
} while (checksum8(string) != ****);
修改return的结果和判等结果
简单免杀
修改
/aggressor/dialogs/PayloadGeneratorDialog.java
encoders/Transforms.java
自定义加载器
#include
#include
unsigned char buf[] ="";
void main(){
***
}
重新打包跑就行了
关于beacon的部分不方便多说,就没写到这里
后续看看要不要公开吧
VSole
网络安全专家