Comments (3)
ok that's convincing :) yes I'm actually trying to test with and without malleable c2 and tweaking params in the rdlloader and checking for each change. thx anyways.
from bokuloader.
Hey fendi1989, I haven't been able to figure out how all the different malleable C2 options work with user defined reflective loader. There is not much documentation on it. I suggest placing a breakpoint in the reflectiveloader.c, compiling, and running the beacon with a debugger. If it hits the breakpoint you know it didn't revert to the default loader. With evading Defender you're going to have to do modifications to make things bypass. Typically shortly after releasing things publicly, they become signatured by Defender. The public source code makes it a lot easier, since signature analysts don't even need to do any reversing to make signatures.
If you find out any new things about getting the malleable C2 flags working with user defined reflective loader, or any ways to help with evasion let me know. Also if you want to make it better this project is open to PR :)
Sorry I couldn't be more help! This project has been like an exploration journey into the new UDRL and how it fits in with the rest of CS. A lot of moving parts. Still a long ways to go before I figure it all out lol. Good luck!