-
Notifications
You must be signed in to change notification settings - Fork 332
/
CHANGELOG
153 lines (127 loc) · 6.5 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
CHANGELOG
---------
Version 2.4.1
+++ CHANGES +++
- added has_process_exit
- added quick and dirty support for compiling with c++
Version 2.4
+++ CHANGES +++
- added adversarial examples vs. static machine learning detectors (credits go to Thund3rPat)
- 3 new sandbox evasions
- new build script to test all current available sandbox evasions
- minor bug fixes
Version 2.3
+++CHANGES +++
- switch to Mingw-Crosscompiler
- add Dockerfile which encapsulates Metasploit and Avet
- 23 new Sandbox Evasions
- setup script can download dependencies
Version 2.2
+++ CHANGES +++
- Generated executables are now named after their buildscripts instead of "output.exe".
- added "build_script_tester.py", a script which executes all build scripts and fetch error messages.
- Usage of executables is now echoed to screen
- replace "avet_fabric.py" with "avet.py". "avet.py" helps new users to configure and build scripts without changing the orignal build script.
- new build scripts structure with tags(tags are only relevant for avet.py)
- adjust setup to work with Kali 2020.1
- updated tdm-gcc to version 9.2.0
- added curl as download method
Version 2.1
+++ KNOWN ISSUES +++
- DKMC integration still not working properly, probably due to corrupt shellcode.
- when built as a service, debug logging into file does not work. this is probably a permission problem.
+++ CHANGES +++
- enacted build script naming reform, so that the most prominent feature is mentioned first in the script name
- added RC4 encoder/decoder
- pe_to_shellcode integration, which enables using .exe files as input by converting them into callable shellcode
- added ability to execute cmd/powershell command payloads at sample startup. these payloads are compatible with the built-in data retrieval methods.
- added static_from_here retrieval method to specify static inputs directly in the build script
- added ability to supply arguments for evasion techniques directly in the build script, e.g. specifying fopen file target
- added bitsadmin data retrieval method
- added environmental checks for sandbox evasion: checking VM MAC, number of CPU cores, checking VM registry keys
- example build scripts for new features
- general bugfixes and improvements
Version 2
+++ KNOWN ISSUES +++
- downloadexecshellcode_DKMC not working properly. DKMC probably delivers corrupt shellcode, needs further investigation.
- when built as a service, debug logging into file does not work. this is probably a permission problem.
+++ CHANGES +++
General rebuild:
- major folder restructuring, code is now more modular:
* sources are now gathered in the source folder
* modularized shellcode binding methods
* modularized evasion techniques
* modularized encoders/decoders
* modularized data retrieval methods
- bundled basic data conversion and file interaction functions in data_utility.h
- moved sh_format utility into tools folder
- added data_raw_to_c tool that converts raw shellcode into c-array style for static source file includes
- added supreme ASCII art banner as text file, which can be printed in build scripts when using AVET
- structured files generated by AVET into new input and output folders
- implemented bash function interface in feature_construction.sh, which provides a simple language to be used in build scripts for easier configuration
- removed make_avet, the complete AVET executable generation is now configured in the build script language
- updated build scripts to use the new construction language
- added global connect config for generalized LHOST and LPORT settings in payloads
- completely redesigned avet.c to support the new modular configuration options
- reimplemented avetsvc.c based on new avet.c
- removed make_avetsvc
- implemented new debug output macro that makes code more readable
- integrated old sh_format utility as avet encoder/decoder module
- added xor encoder/decoder
- added key generation utility to ease encoder use
- generalized shellcode retrieval as data retrieval, so that retrieval methods can be used for all imported data, such as encryption keys
- fixed several data retrieval methods so that they are more robust in execution and more readable in code
- implemented new data retrieval methods
- major code commenting offensive
- bugfixes
BFG integration (BFG project: https://github.com/govolution/bfg)
- major renaming from "shellcode" into "payload" in sources and scripts
- introduced new data retrieval category get_payload_info, where parameters such as target process PID can be delivered for hollowing, injection etc.
- added reset_evasion_tecnhnique_counter build script function to support compilation of multiple payloads in one build script
- integrated process hollowing for 32 and 64 bit targets from BFG, including new build scripts
- integrated shellcode injection for 32 and 64 bit targets from BFG, including new build scripts
- integrated dll injection for 32 and 64 bit targets from BFG, including new build scripts
For details, consider the commit messages.
Version 1.3
- downloading shellcode using powershell or certutil
- downloading shellcode into memory and exec from memory
- added more build scripts for new options
Version 1.2
- AVET now has support for metasploits psexec
- basic support for metasploits ASCII encoder, more to come
- of cource more build scripts
- support for msf ASCII call via cmd
- added "killswitch" (gethostbyname) evasion technique
- added -q for quiet mode (hiding window)
Version 1.1
- avet_fabric for assisted execution of the build scripts
- more cleanup of avet.c
- removed all options from avet.c itself for reducing codebase (less detectable in the future)
- added options from avet to make_avet
- added build scripts
- added -F for explicit fopen sandbox escape
- added -X for 64 bit support
- added -E for explicit usage of avets ASCII encoder
users now can use shellcode encoders without avets ASCII encoder
- fixed compiler warning in make_avet.c
Version 1.0
- cleanup and reduce code base of avet.c
- added to public github repo
- tested with Kali 2 and update README
- made GPL
Version 0.4
- translate almost everything to English
- added some documentation
- changed ASCII art
- rewrite some parts for easier usage
- added -f option to make_avet
- added evasion with read file from c:\windows\system.ini
- added build.sh
Version 0.3
- make_avet added
Version 0.2
- -u works with Windows 7
- -p for debugging
Version 0.1
- -f works with Windows XP and Windows 7
- -u works with Windows XP