guervild / uru
License: GNU General Public License v3.0
Add support for a DLL to be changed into SRDI
Need the following arguments:
https://pkg.go.dev/github.com/ne0nd0g/[email protected]/pkg/modules/srdi is an implementation to follow.
Rework the dllforward module.
For the moment the created file is hardcoded. We need to provide a way to customize that file easily.
filename=/Users/user/code/uru/out/out_hpwU/20220514_b61f_main.go
2:29PM FTL Error during build: error exit status 2: # guggudar
./20220514_b61f_main.go:136:194: string literal not terminated
./20220514_b61f_main.go:139:2: missing ',' in argument list
./20220514_b61f_main.go:140:4: expected operand, found 'return'
./20220514_b61f_main.go:142:2: missing ',' in argument list
./20220514_b61f_main.go:143:5: expected operand, found 'var'
./20220514_b61f_main.go:146:5: missing ',' in composite literal
./20220514_b61f_main.go:153:2: missing ',' in composite literal
./20220514_b61f_main.go:154:3: expected operand, found 'return'
./20220514_b61f_main.go:155:3: missing ',' before newline in composite literal
./20220514_b61f_main.go:157:17: missing ',' in composite literal
./20220514_b61f_main.go:159:44: missing ',' before newline in composite literal
./20220514_b61f_main.go:136:194: string literal not terminated is a long line w/ a stray " near the end.
I'd submit the PR but I'm not sure how keen you are on a 1-character pull request, so thought I'd just make the issue. =)
Generation command:
❯❯ uru generate -c config.yml -p thing.exe --exe --parameters "1.2.3.4 9090"
2:32PM FTL Error during build: error exit status 2: # huufoimw
./20220514_uwyS_main.go:17:5: imported and not used: "golang.org/x/sys/windows"
./20220514_uwyS_main.go:38:19: undefined: readBanana
./20220514_uwyS_main.go:45:8: undefined: writeBanana
./20220514_uwyS_main.go:52:18: undefined: readBanana
payload:
  artifacts:
    - name: windows/bananaphone/local/go-shellcode-syscall
      type: injector
type: dll
arch: x64
debug: false
A nice feature could be the creation of a history of the created payloads.
This history would enable a red team operator, based on a payload hash, to get the initial configuration (initial payload, injector, encoder, etc.) and payload creation date.
This feature could be optional when using the server mode (using Docker?)
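A sketch of what such a history could look like, written as an added example for this issue (it is not code from uru, and the record fields, file name and JSON-lines layout are assumptions of the example): the generated artifact is hashed with SHA-256, a record holding the hash, creation time, output path and the config text is appended to a local file, and an operator can later resolve a hash back to the config that built it.

```go
package main

import (
	"bufio"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"time"
)

// Record is what an operator needs to get back from a payload hash: the
// configuration that produced it and when it was built. Field set is assumed.
type Record struct {
	SHA256  string    `json:"sha256"`
	Created time.Time `json:"created"`
	Output  string    `json:"output"` // path of the generated artifact
	Config  string    `json:"config"` // the YAML passed to `uru generate -c`
}

// History is an append-only JSON-lines file indexed in memory by hash.
type History struct {
	path   string
	byHash map[string]Record
}

// OpenHistory loads an existing history file, or starts an empty one.
func OpenHistory(path string) (*History, error) {
	h := &History{path: path, byHash: map[string]Record{}}
	f, err := os.Open(path)
	if errors.Is(err, os.ErrNotExist) {
		return h, nil
	}
	if err != nil {
		return nil, err
	}
	defer f.Close()
	sc := bufio.NewScanner(f)
	sc.Buffer(make([]byte, 1<<20), 1<<24) // config text can make a line long
	for sc.Scan() {
		var r Record
		if err := json.Unmarshal(sc.Bytes(), &r); err != nil {
			return nil, fmt.Errorf("history %s: %w", path, err)
		}
		h.byHash[r.SHA256] = r
	}
	return h, sc.Err()
}

// HashPayload is the lookup key: SHA-256 of the final artifact bytes.
func HashPayload(payload []byte) string {
	sum := sha256.Sum256(payload)
	return hex.EncodeToString(sum[:])
}

// Add records a freshly generated payload and appends it to the file.
func (h *History) Add(payload []byte, output, config string, now time.Time) (Record, error) {
	r := Record{SHA256: HashPayload(payload), Created: now.UTC(), Output: output, Config: config}
	line, err := json.Marshal(r)
	if err != nil {
		return Record{}, err
	}
	f, err := os.OpenFile(h.path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0o600)
	if err != nil {
		return Record{}, err
	}
	defer f.Close()
	if _, err := f.Write(append(line, '\n')); err != nil {
		return Record{}, err
	}
	h.byHash[r.SHA256] = r
	return r, nil
}

// Lookup answers the operator's question: which config built this hash?
func (h *History) Lookup(hash string) (Record, bool) {
	r, ok := h.byHash[hash]
	return r, ok
}

func main() {
	h, err := OpenHistory("uru-history.jsonl") // file name is an assumption
	if err != nil {
		panic(err)
	}
	// Constructed sample standing in for the bytes of a generated exe.
	payload := []byte("MZ...constructed payload bytes...")
	r, err := h.Add(payload, "out/20220704_9qul_main.exe", "payload:\n  artifacts: []\ntype: exe\n", time.Now())
	if err != nil {
		panic(err)
	}
	fmt.Println("recorded", r.SHA256, "created", r.Created.Format(time.RFC3339))
}
```

Hashing the final artifact (after garble, after packaging) is what makes the lookup useful: that is the hash a blue team will report back, so it is the one the history must be keyed on.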
The keysize must be 32; if the user sets a size smaller than that it will crash, see: https://github.com/guervild/uru/blob/main/pkg/encoder/aes.go#L26
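As an added example for this issue (not uru's encoder, and not a claim about how aes.go handles its key): the 32-byte requirement checked up front so a short key is reported as an error rather than crashing the build, an assumed SHA-256 derivation that lets a shorter config value still yield a valid AES-256 key, and AES-GCM encrypt/decrypt around it. Go's aes.NewCipher itself only accepts 16, 24 or 32 bytes; anything that slices or indexes the key before that check is where a shorter key would panic.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// KeySize is the only length this example accepts: 32 bytes, AES-256.
const KeySize = 32

// ErrKeySize is returned for any other length instead of letting the key
// reach a key[:32] slice or aes.NewCipher with the wrong size.
var ErrKeySize = errors.New("aes: key must be exactly 32 bytes")

func checkKey(key []byte) error {
	if len(key) != KeySize {
		return ErrKeySize
	}
	return nil
}

// DeriveKey is one way to let the config hold a shorter value: hash it to
// 32 bytes. Assumed design for this example, not how uru reads its key.
func DeriveKey(passphrase string) []byte {
	sum := sha256.Sum256([]byte(passphrase))
	return sum[:]
}

// Encrypt returns nonce||ciphertext||tag under AES-256-GCM with a fresh
// random nonce.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	if err := checkKey(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt and fails on a truncated, tampered or wrongly
// keyed blob instead of returning garbage.
func Decrypt(key, data []byte) ([]byte, error) {
	if err := checkKey(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(data) < gcm.NonceSize() {
		return nil, errors.New("aes: ciphertext shorter than nonce")
	}
	nonce, ct := data[:gcm.NonceSize()], data[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

func main() {
	// Constructed sample in place of real shellcode.
	payload := []byte{0x90, 0x90, 0xcc, 0xc3}
	if _, err := Encrypt([]byte("short"), payload); err != nil {
		fmt.Println("rejected:", err) // ErrKeySize, no panic
	}
	key := DeriveKey("ohmymy")
	blob, err := Encrypt(key, payload)
	if err != nil {
		panic(err)
	}
	back, err := Decrypt(key, blob)
	fmt.Printf("%x %v\n", back, err)
}
```

The key check is deliberately done in the generator, not the stub: a build that fails with ErrKeySize is far cheaper than a stub that panics on the target.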
The execution of shellcode fails for me in any case. The example config fails silently in debug mode with garble enabled.
When creating a new config with only sleep 2 and xor, the program does not execute correctly:
PS C:\Users\user\Desktop> .\20220704_9qul_main.exe
[INFO] Sleep for 2 seconds
[INFO] Sleep finished
[INFO] XOR payload data
[INFO] Loading kernel32.dll
[INFO] Loading VirtualAlloc, VirtualProtect procedures...
[INFO] Calling VirtualAlloc for shellcode...
[INFO] Length of the shellcode: 9415388 bytes
[INFO] Allocated 9415388 bytes
[DEBUG] Copying shellcode to memory...
panic: runtime error: index out of range [1890000] with length 1890000
goroutine 1 [running]:
main.run({0xc003200000, 0x8faadc, 0xa12000?})
lxdlspnq/20220704_9qul_main.go:123 +0x6b7
main.main()
lxdlspnq/20220704_9qul_main.go:169 +0xff
Unobfuscated shellcode comes from sliver:
generate --os windows --http https://domain --format shellcode -l
config (tested with and without xor)
payload:
  artifacts:
    - name: sleep
      type: evasion
      args:
        - name: delay
          value: "2"
    - name: xor
      type: encoder
      args:
        - name: Key
          value: "ohmymy"
    - name: windows/native/local/go-shellcode-syscall
      type: injector
      #sgn: false #must be decommented in the code to be used
type: exe
arch: x64
debug: true
obfuscation: false #need garble to be installed
AV is turned off
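The panic above is an index out of range during the "Copying shellcode to memory" step, after the loader has already printed the length it expects. The following is an added example, not uru's stub or injector, of the two pieces that step depends on: a repeating-key XOR whose key index wraps, and a placement routine that compares the decoded length against the declared one and refuses to copy on a mismatch. The VirtualAlloc'd region is replaced by a plain slice so the checks run on any OS, and the cause of the reporter's panic is not determined here; the example only shows where a length check would turn the panic into an error.

```go
package main

import (
	"errors"
	"fmt"
)

// xorCrypt is a repeating-key XOR; calling it twice with the same key
// returns the original bytes. The key index wraps with i % len(key), so a
// short key such as "ohmymy" is never indexed past its end.
func xorCrypt(data, key []byte) ([]byte, error) {
	if len(key) == 0 {
		return nil, errors.New("xor: key must not be empty")
	}
	out := make([]byte, len(data))
	for i, b := range data {
		out[i] = b ^ key[i%len(key)]
	}
	return out, nil
}

// placeInRegion stands in for the copy into the allocated region. On
// Windows dst would be the buffer returned by VirtualAlloc; here it is a
// plain slice so the checks run anywhere. declared is the length the loader
// printed as "Length of the shellcode"; if the decoded data is a different
// size, the mismatch is reported instead of indexing past the shorter buffer.
func placeInRegion(dst, decoded []byte, declared int) (int, error) {
	if len(decoded) != declared {
		return 0, fmt.Errorf("decoded %d bytes but %d were declared: embedded payload truncated?", len(decoded), declared)
	}
	if len(dst) < len(decoded) {
		return 0, fmt.Errorf("region holds %d bytes, need %d", len(dst), len(decoded))
	}
	return copy(dst, decoded), nil
}

// stage decodes the embedded blob and places it, returning the staged region.
func stage(encoded, key []byte, declared int) ([]byte, error) {
	decoded, err := xorCrypt(encoded, key)
	if err != nil {
		return nil, err
	}
	region := make([]byte, declared) // VirtualAlloc(declared) on Windows
	if _, err := placeInRegion(region, decoded, declared); err != nil {
		return nil, err
	}
	return region, nil
}

func main() {
	// Constructed sample in place of real shellcode.
	shellcode := []byte{0x90, 0x90, 0xcc, 0xc3}
	key := []byte("ohmymy")
	encoded, _ := xorCrypt(shellcode, key)

	region, err := stage(encoded, key, len(shellcode))
	fmt.Printf("%x %v\n", region, err)

	// A build that declares the full length but embeds a shorter blob is
	// reported before any copy happens rather than panicking mid-loop.
	_, err = stage(encoded[:2], key, len(shellcode))
	fmt.Println(err)
}
```

When debugging a report like the one above, the first thing to compare is the embedded blob's length against the printed "Length of the shellcode"; the two diverging is what a check like placeInRegion surfaces.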