
inotgreen / glllpowerloader


Code example to bypass AV/EDR

PowerShell 0.41% Python 56.33% C++ 19.47% C 23.70% Batchfile 0.09%
shellcodeloader bypass-antivirus ps1toexe ps1tovbs weaponized

glllpowerloader's Issues

A few bugs

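Problem 1: bug loading the bin file in AV-evasion loader mode
1.C/C++ ShellCode(bin)
1. In processhollowing mode the bin file cannot be loaded; neither the root directory nor an absolute path works. In the other modes the root directory works.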
Traceback (most recent call last):
File "F:\Gllloader-main\loader.py", line 891, in
main(stub, args.file, args.out, key, args.process, method, args.no_randomize, args.verbose, args.dll_sandbox)
File "F:\Gllloader-main\loader.py", line 761, in main
with open(tempfile, 'wb') as contents:
FileNotFoundError: [Errno 2] No such file or directory: 'temp_.\payload.bin'
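Problem 2: the process of the generated exe disappears on its own after 60 seconds and then nothing else happens. Tested with a CS 4.4 payload.bin; build environment: W10, GCC 8.1.0, py3.10.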

Which GCC build should be used for compiling?

MinGW-W64 Online Installer

[MinGW-W64-install.exe](https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win32/Personal%20Builds/mingw-builds/installer/mingw-w64-install.exe)

MinGW-W64 GCC-8.1.0

[x86_64-posix-sjlj](https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-posix/sjlj/x86_64-8.1.0-release-posix-sjlj-rt_v6-rev0.7z)
[x86_64-posix-seh](https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-posix/seh/x86_64-8.1.0-release-posix-seh-rt_v6-rev0.7z)
[x86_64-win32-sjlj](https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z)
[x86_64-win32-seh](https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/seh/x86_64-8.1.0-release-win32-seh-rt_v6-rev0.7z)
[i686-posix-sjlj](https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win32/Personal%20Builds/mingw-builds/8.1.0/threads-posix/sjlj/i686-8.1.0-release-posix-sjlj-rt_v6-rev0.7z)

I have no idea which one to download for compiling.

ps2exe mode fails with an error on load; killed by WD

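Hello, I have been studying the videos you posted all day today and would like to ask a few questions.
1. The ps2exe loading mode reports an error in a Win11 environment, with PowerShell set to Unrestricted mode throughout.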

2. I tested in a Windows Server 2019 virtual machine and it was still killed by Defender; I don't know where it went wrong.

I still have a lot to learn; sorry to bother you.

.dll Entrypoint

First, thanks for sharing this great project. Second, I want to know what entrypoint is used when I execute the DLL?
