Need a FUD: What about Shellter?

March 17, 2017 | Views: 3980

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE (portable executable) infector ever created. It can be used in order to inject shellcode into native 32-bit Windows applications. It takes advantage of the original structure of the PE file and doesn’t apply any modification such as changing memory access permissions in sections (unless the user wants), adding an extra section with RWE access (Read Write Execute Access), and whatever would look dodgy under an Anti-Virus scan.

Please note that Kali Linux will be used during this demonstration.

INSTALLING SHELLTER:

IMPORTANT: “Wine” must be installed for shellter to properly install and run.

First, use the following command to install Shellter:
apt-get-install shellter

USING SHELLTER:

To start using Shellter, just use the following command:
shellter

 

Here you can choose 3 options (Automatic, Manual, Help). We will use “A” for Automatic.

It will then ask for the PE Target. In our case, we use /root/Desktop/putty.exe.

A backup file will be made in Shellter_Backups.

After,  we will choose if we want to use Stealth Mode. For the purpose of this example, we will choose “Y” for yes.

 

We then have 7 Payloads to choose from:
1. Meterpreter_reverse_TCP (stager)
2. Meterpreter_Reverse_HTTP (stager)
3. Meterpreter_Reverse_HTTPS (stager)
4. Meterpreter_Bind_TCP (stager)
5. Shell_Reverse_TCP (stager)
6. Shell_Bind_TCP (stager)
7. WinExec

If we want a payload in the list, we enter “L” for list.
Then, we enter the numer of the payload to use. In this example, we will use “1” for Meterpreter_reverse_TCP.

After, we are asked to provide the following information:
LHOST: “192.168.1.7” (in my case)
LPORT: “443” Standard HTTP over SSL port.

We then will wait for a few seconds for the process to complete, and Voila, we have an injected payload into a regula program!

There is a lot more to know about Shellter, and you can easily find more features and take it much further! Have fun playing with this incredible tool!

PS: Shellter Pro is on the verge of coming out so I encourage you to periodically check it out.

Best Regards!

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel