Project author: X-AV
Project URL: https://github.com/XTeam-Wing/X-AV
I. Tool introduction
X series security tools - AV evasion framework - BypassAV. Loading methods: Syscall, Uuid, CreateFiber, CreateProcessWithPipe, EtwpCreateEtwThread, and others. Encryption methods: XOR, RC4, AES256.

II. Installation and usage
1. XOR encryption
Every encryption type supports the five loading methods listed above.
./X-AV -shellcodepath cdn.bin -o xor.exe -key wing -encrypt xor -loadermethod uuid
2. AES encryption
AES requires a salt.
./X-AV -shellcodepath cdn.bin -o aes.exe -key wing -encrypt aes -loadermethod uuid -salt wing
3. RC4
./X-AV -shellcodepath cdn.bin -o rc4.exe -key wing -encrypt rc4 -loadermethod uuid
III. Download:
Download from the project URL: https://github.com/XTeam-Wing/X-AV
IV. Disclaimer:
For security research and study only. If the tool is put to any other use, the user bears all legal and joint liability; the author bears no legal or joint liability.