The script uses msfvenom (Metasploit) to generate shellcode in different formats (c | python | ruby | dll | msi | hta-psh), injects the generated shellcode into a function (for example, a Python function that executes the shellcode in RAM), and uses compilers such as gcc (gnu cross compiler), mingw32 or pyinstaller to build the executable file. It also starts a multi-handler to receive the remote connection (reverse shell or meterpreter session).
The 'shellcode generator' tool reproduces some of the techniques used by the Veil-Evasion framework, unicorn.py, powersploit, etc. "P.S. some payloads are undetectable by AV solutions, yes!!!" One of the reasons for that is the use of a function to execute the 2nd stage of the shell/meterpreter directly in the target's RAM.

option | build | target | format | output |
---|---|---|---|---|
1 | shellcode | unix | C | C |
2 | shellcode | windows | C | DLL |
3 | shellcode | windows | DLL | DLL |
4 | shellcode | windows | C | PYTHON/EXE |
5 | shellcode | windows | C | EXE |
6 | shellcode | windows | MSIEXEC | MSI |
7 | shellcode | windows | C | RUBY |
8 | shellcode | windows | POWERSHELL | BAT |
9 | shellcode | windows | HTA-PSH | HTA |
10 | shellcode | windows | PSH-CMD | PS1 |
11 | shellcode | windows | PSH-CMD | BAT |
12 | shellcode | webserver | PHP | PHP |
13 | shellcode | multi OS | PYTHON(base64) | PYTHON |