generate

package

v0.0.2 Latest Latest Go to latest Published: Sep 17, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/chainreactors/malice-network

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DonutFromAssembly(assembly []byte, isDLL bool, arch string, params string, method string, ...) ([]byte, error)
func DonutShellcodeFromFile(filePath string, arch string, dotnet bool, params string, className string, ...) (data []byte, err error)
func DonutShellcodeFromPE(pe []byte, arch string, dotnet bool, params string, className string, ...) (data []byte, err error)
func EncodeShellcode(shellcode []byte, arch string, iterations int, badChars []byte) ([]byte, error)
func ShellcodeRDI(dllPath string, functionName string, userdata string) (shellcode []byte, err error)
func ShellcodeRDIFromBytes(data []byte, functionName string, arguments string) (shellcode []byte, err error)
func ShellcodeRDIToFile(dllPath string, functionName string) (shellcodePath string, err error)
type SGNConfig

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrFailedToEncode = errors.New("failed to encode shellcode")
)

Functions ¶

func DonutFromAssembly ¶

func DonutFromAssembly(assembly []byte, isDLL bool, arch string, params string, method string, className string, appDomain string) ([]byte, error)

DonutFromAssembly - Generate a donut shellcode from a .NET assembly

func DonutShellcodeFromFile ¶

func DonutShellcodeFromFile(filePath string, arch string, dotnet bool, params string, className string, method string) (data []byte, err error)

DonutShellcodeFromFile returns a Donut shellcode for the given PE file

func DonutShellcodeFromPE ¶

func DonutShellcodeFromPE(pe []byte, arch string, dotnet bool, params string, className string, method string, isDLL bool, isUnicode bool, createNewThread bool) (data []byte, err error)

DonutShellcodeFromPE returns a Donut shellcode for the given PE file

func EncodeShellcode ¶

func EncodeShellcode(shellcode []byte, arch string, iterations int, badChars []byte) ([]byte, error)

EncodeShellcode - Encode a shellcode

func ShellcodeRDI ¶

func ShellcodeRDI(dllPath string, functionName string, userdata string) (shellcode []byte, err error)

ShellcodeRDI generates a reflective shellcode based on a DLL file

func ShellcodeRDIFromBytes ¶

func ShellcodeRDIFromBytes(data []byte, functionName string, arguments string) (shellcode []byte, err error)

ShellcodeRDIFromBytes generate a sRDI from a byte array

func ShellcodeRDIToFile ¶

func ShellcodeRDIToFile(dllPath string, functionName string) (shellcodePath string, err error)

ShellcodeRDIToFile generates a sRDI shellcode and writes it to a file

Types ¶

type SGNConfig ¶

type SGNConfig struct {
	AppDir string

	Architecture   string // Binary architecture (32/64) (default 32)
	Asci           bool   // Generates a full ASCI printable payload (takes very long time to bruteforce)
	BadChars       []byte // Don't use specified bad characters given in hex format (\x00\x01\x02...)
	Iterations     int    // Number of times to encode the binary (increases overall size) (default 1)
	MaxObfuscation int    // Maximum number of bytes for obfuscation (default 20)
	PlainDecoder   bool   // Do not encode the decoder stub
	Safe           bool   // Do not modify any register values

	Verbose bool

	Output string
	Input  string
}

SGNConfig - Configuration for sgn

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL