portable unity engine reverse shell (or unity engine game backdoor)
- multi-platform (Mono or IL2CPP)
- supports C# !!
https://medium.com/@Bank_Security/undetectable-c-c-reverse-shells-fab4c0ec4f15
Setup
https://unity3d.com/get-unity/download
- kali supports the linux editor appimage binary
Proof of concept
- Import unityrs_dev.unitypackage to your unity project.
- Edit domain/ip:port in the poc.cs file.
- Build to your target platform. (Linux, Windows)
- Setup listener. (nc -lvp 8080)
- Download/upload & execute your game!
Findings
- bypasses AV (assuming you sign the binaries!)
Compile
Limitations
- total size 50MB.
Enjoy~