ZheTian Powerful remote load and execute ShellCode tool

Related tags

Network ZheTian
Overview

my-logo.png

ZheTian

ZheTian Powerful remote load and execute ShellCode tool

免杀shellcode加载框架

命令详解

-u:从远程服务器加载base64混淆后的字节码。 -r:从本地文件内读。 -s:读取无修改的原始文件,只能从本地加载

-o:参数为tru自动向启动项添加自启模块。

从http远程服务器或本地文件内读取shellcode字节码需遵循以下格式: java类型需去除0x,c or python 类型需去除\x

示例:

字节码类型:

原始python代码:

buf = "\xfc\x48\x83\xe4\xf0\xe8\xc8\x00\x00\x00\x41\x51\x41\x50\x52\x51\x56\x48\x31\xd2\x65\x48\x8b"....

修改成:

fc4883e4f0e8c8000000415141......

Java、c、ruby等同理。只需将字节数组里的16进制代码提取出来即可。注意需将得到的字符串使用base64转码。

原文件读取类型:

使用 ZheTian -h 命令可查看支持的语言。原文件无需使用base64转码,但是不支持放在远程服务器,只能通过本地 -s 命令读取,如: ZheTian -s C:/Windows/Temp/payload.java

编译:

go build -ldflags "-w -s" main.go

可以使用

go build -ldflags "-w -s -H windowsgui" main.go

实现无窗口运行。但是360偶尔会识别位恶意程序。如果目标机器无安全设备,可以尝试使用此命令打包,然后使用参数: -o true 实现写入启动项功能。

my-logo.png

注意:打包的时候需指定是64位还是32位。默认会根据系统自动选择。 而在生成payload shellcode的时候也需要选择正确的位数,否则会加载失败。使用code字节码加载时一定要使用base64加密,否则无法解析!!

后端使用了base64对读取到的字节码进行了转码,为了减小流量特征。AES/DES的加密模式太多在未标明的情况下可能导致无法解密失败,故此暂不考虑使用

Releases(2.0.1)
Owner
一曲成殇
hello world
一曲成殇
red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel with certain experience.

Red Team TL;DR English | 中文简体 What is Red Team TL;DR ? red-tldr is a lightweight text search tool, which is used to help red team staff quickly find t

倾旋 145 Nov 15, 2021
Command-line tool and library for Windows remote command execution in Go

WinRM for Go Note: if you're looking for the winrm command-line tool, this has been splitted from this project and is available at winrm-cli This is a

Brice Figureau 339 Nov 25, 2021
Go Library to Execute Commands Over SSH at Scale

vSSH Go library to handle tens of thousands SSH connections and execute the command(s) with higher-level API for building network device / server auto

Yahoo 755 Nov 24, 2021
🤘 The native golang ssh client to execute your commands over ssh connection. 🚀🚀

Golang SSH Client. Fast and easy golang ssh client module. Goph is a lightweight Go SSH client focusing on simplicity! Installation ❘ Features ❘ Usage

Mohamed El Bahja 868 Nov 29, 2021
A major platform Remote Access Terminal Tool based by Blockchain/P2P.

NGLite A major platform Remote Access Terminal Tool based by Blockchain/P2P. No public IP address required.More anonymity Example Detection Warning!!!

null 183 Nov 27, 2021
A remote access tool & CNC

⚠️ ⚠️ Disclaimer just use this with good intentions ⚠️ ⚠️ An useless rat (remote acces tool in develop) web client you want to use it? download pairat

pai 10 Nov 28, 2021
A remote access tool & CNC

⚠️ ⚠️ Disclaimer just use this with good intentions ⚠️ ⚠️ An useless rat (remote acces tool in develop) web client you want to use it? download pairat

pai 10 Nov 28, 2021
Simple, fast and scalable golang rpc library for high load

gorpc Simple, fast and scalable golang RPC library for high load and microservices. Gorpc provides the following features useful for highly loaded pro

Aliaksandr Valialkin 647 Nov 18, 2021
High-performance PHP application server, load-balancer and process manager written in Golang

RoadRunner is an open-source (MIT licensed) high-performance PHP application server, load balancer, and process manager. It supports running as a serv

Spiral Scout 6.1k Dec 5, 2021
Generate HTTP load and plot the results in real-time

ali A load testing tool capable of performing real-time analysis, inspired by vegeta and jplot. ali comes with an embedded terminal-based UI where you

Ryo Nakao 3k Dec 6, 2021
gobetween - modern & minimalistic load balancer and reverse-proxy for the ☁️ Cloud era.

gobetween - modern & minimalistic load balancer and reverse-proxy for the ☁️ Cloud era. Current status: Maintenance mode, accepting PRs. Currently in

Yaroslav Pogrebnyak 1.6k Dec 2, 2021
DNS/DoT to DoH proxy with load-balancing, fail-over and SSL certificate management

dns-proxy Configuration Variable Example Description TLS_DOMAIN my.duckdns.org Domain name without wildcards. Used to create wildcard certificate and

Dimitri Herzog 3 Nov 23, 2021
Local development against a remote Kubernetes or OpenShift cluster

Documentation - start here! ** Note: Telepresence 1 is being replaced by our even better Telepresence 2. Please try Telepresence 2 first and report an

Telepresence 4.4k Dec 1, 2021
Simple HTTP tunnel using SSH remote port forwarding

Simple HTTP tunnel using SSH remote port forwarding

Skye L. 16 Jul 27, 2021
EasyAgent is an infrastructure component, applied to manage the life-cycle of services on the remote host.

Easyagent English | 中文 介绍 easyagent是在袋鼠云内部广泛使用的基础架构组件,最佳应用场景包括ELK体系beats等数据采集器的管控和配置管理、数栈体系自动化部署等 基本原理 easyagent主要有sidecar和server两个组件,sidecar部署在主机端,si

袋鼠云 79 Nov 29, 2021
V3IO Frames ("Frames") is a Golang based remote data frames access (over gRPC or HTTP stream)

V3IO Frames ("Frames") is a multi-model open-source data-access library that provides a unified high-performance DataFrame API for working with different types of data sources (backends). The library was developed by Iguazio to simplify working with data in the Iguazio Data Science Platform ("the platform"), but it can be extended to support additional backend types.

null 24 Dec 2, 2021
Run commands on remote hosts, inspecting key indicators to manage infrastructure

inspector This is a very basic ssh helper tool to manage a smaller (few 100s up to a few 1000s) fleet of servers. The main point of inspector is to pr

null 18 Oct 5, 2021
The rest api that can manage the iptables rules of the remote host

fiewall-api firewall api是基于firewalld来远程管理iptables规则的rest-api,无需部署agent Features 指定一个主机ip,让这个主机上的iptables增加一个规则 处理单个IP或CIDR范围(xx.xx.xx.xx/mask,mac,inte

seal 1 Nov 5, 2021
Application wirtten in GO to check if the port on the remote host is open

portcheck A simple Pod that get API POST request with port type and number with a target's IP address and checks if the destination port is available

Oren Oichman 0 Nov 26, 2021