
This project forked from hayasec/crossnet-beta

Used in red-team operations: generates phishing executables that abuse whitelisted (trusted) binaries, evade antivirus, and automatically detect the network environment.

CrossNet

Determines whether the target host has network egress and by which method, then chooses the matching way to check in to the C2.

[screenshot: image-20210204174143759]

Select the CobaltStrike 4.1 RAW-format shellcode to generate payload.bin. Generate a payload for each listener type; here HTTP and DNS payloads are generated.

[screenshot: image-20210204174355145]

Click Choose and select the generated payload or doc file for the corresponding option.

[screenshot: image-20210204174543697]

After a short wait, the target file and the DLL are generated into the current folder.

[screenshot: image-20210204174736440]

When clicked, it drops the real docx file and opens it, and sets the exe file to hidden.

[screenshot: image-20210204175122872]

After a while the CS beacon checks in.

[screenshot: image-20210204175242780]
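As an added example, not code from the CrossNet project, here is a defender-side check for the on-disk pattern the walkthrough above describes: a hidden exe whose name matches the dropped docx, with a DLL generated beside it. It runs over a constructed directory listing; the Entry record shape and all file names are assumptions, and the double-extension stem handling (name.docx.exe) goes slightly beyond what the page shows.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath


@dataclass(frozen=True)
class Entry:
    """One row of a directory enumeration (assumed shape, not from the project)."""
    path: str       # full path as reported by the enumeration
    hidden: bool    # True if FILE_ATTRIBUTE_HIDDEN is set on the file


def _doc_stem(p: PureWindowsPath) -> str:
    """Base name used for matching. A trailing '.docx' inside the stem is
    stripped so a double-extension name like 'report.docx.exe' matches 'report.docx'."""
    stem = p.stem.lower()
    return stem[:-5] if stem.endswith(".docx") else stem


def find_dropper_pairs(entries):
    """Flag hidden .exe files that share a base name with a .docx in the same
    directory, and record any .dll files sitting in that directory (the
    dropper writes its DLL next to the executable)."""
    by_dir = {}
    for e in entries:
        p = PureWindowsPath(e.path)
        by_dir.setdefault(str(p.parent), []).append((p, e))
    findings = []
    for items in by_dir.values():
        docx = {_doc_stem(p): str(p) for p, _ in items if p.suffix.lower() == ".docx"}
        dlls = [str(p) for p, _ in items if p.suffix.lower() == ".dll"]
        for p, e in items:
            if p.suffix.lower() != ".exe" or not e.hidden:
                continue   # only hidden executables are of interest here
            stem = _doc_stem(p)
            if stem in docx:
                findings.append({"exe": str(p), "docx": docx[stem], "sidecar_dlls": dlls})
    return findings


# Constructed sample listing (not real data): one full pattern in Downloads,
# one double-extension variant without a DLL on the Desktop, and benign noise.
SAMPLE = [
    Entry(r"C:\Users\alice\Downloads\contract.docx", False),
    Entry(r"C:\Users\alice\Downloads\contract.exe", True),
    Entry(r"C:\Users\alice\Downloads\helper.dll", False),
    Entry(r"C:\Users\alice\Downloads\notes.docx", False),
    Entry(r"C:\Users\alice\Downloads\setup.exe", False),
    Entry(r"C:\Users\alice\Desktop\invoice.docx", False),
    Entry(r"C:\Users\alice\Desktop\invoice.docx.exe", True),
]

if __name__ == "__main__":
    for finding in find_dropper_pairs(SAMPLE):
        print(finding)
```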

Note

Generating the payload requires a Visual Studio environment; Visual Studio 2017 was used here.

Implemented

Detect egress method: TCP, DNS √

Load shellcode according to the detected egress method √

Execute shellcode via LOLBins combined with DLL hijacking √

Beta 1.0.2

Changed executable memory allocation: execute permission is added after allocation √

Added a sleep, in case it helps bypass sandboxes √

Replaced the DNS egress check with a self-controlled domain that resolves to 127.0.0.1 √

Beta 1.1.0

Drop the Word document and rename it so the file name matches [Beta=1.1.0] √

Set the current EXE file to hidden [Beta=1.1.0] √

Store the shellcode encrypted inside the DLL file [Beta=1.1.0] √

Decrypt the local shellcode and run it [Beta=1.1.0] √

Persistence [Beta=1.1.0] √

Process injection into a system process [Beta=1.1.0] √

New egress detection method [Beta=1.1.0] √

TODO:

EXE self-deletion

DNS beacon automatic check-in

ICMP protocol support

Find a more reliable persistence method

Feature split: 1. AV-evasion mode 2. Phishing mode (drops a Word document)

AV-evasion mode:

  1. Other whitelisted-binary abuse methods

Phishing mode:

  1. Add a CHM help file whitelisted-binary chain

AV evasion testing:

Static scan detection:

360 Antivirus: not passed (detected)

360 Security Guard: passed

Huorong: passed

Dynamic execution scan detection:

360 Antivirus: passed

360 Security Guard: passed

Huorong: passed

Open question:

Is there a reasonably good remote-control tool that supports the ICMP protocol?

Contributors: dr0op
