If you are following along at home, you now know that crypter (http://nullsecurity.net/tools/binary.html) is great. And you followed along here to get it working with smbexec: http://secjohn.blogspot.com/2013/08/encrypting-payloads-with-smbexec-on.html
And of course you saw my post on Obfy here and are using it too, right? http://secjohn.blogspot.com/2013/08/introducing-obfy.html
Well then, you are in luck.
I just added crypter support to Obfy as well. So if you follow the directions in my encrypting payloads with smbexec post, compile crypter.exe, and run updatedb so the locate command finds it, Obfy will now see it and ask you if you want to use it on the payload you just made. If you say yes, you will get two exe files: the original one and the one put through crypter. Have fun testing each out.
The updated version of the script can be found here: https://github.com/secjohn/obfy
If you originally downloaded it with git (git clone https://github.com/secjohn/obfy.git), then simply running git pull in the obfy directory will get you up to date.