用法:cmd2shellcode.exe command
具体如何通过加载shellcode来实现杀软规避,需自行尝试。
例子:正常添加用户和cmd2shellcode添加用户和CS添加用户。
都是被拦截,但是正常添加用户和CS执行命令添加用户的父进程都是cmd.exe(即使CS是通过反射性dll加载),而cmd2shellcode可无cmd执行命令,"即使没有cmd.exe",所以父进程无cmd.exe
-
正常添加用户
-
cmd2shellcode添加用户
-
CS添加用户
scareing/cmd2shellcode
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|