ÏîÄ¿×÷ÕߣºX-AV

ÏîÄ¿µØµã£ºhttps://github.com/XTeam-Wing/X-AV

Ò»¡¢¹¤¾ßÏÈÈÝ

XϵÁÐÇå¾²¹¤¾ß-AVÃâɱ¿ò¼Ü-BypassAV£¬£¬£¬£¬£¬¼ÓÔØ·½·¨£ºSyscall£¬£¬£¬£¬£¬Uuid£¬£¬£¬£¬£¬CreateFiber£¬£¬£¬£¬£¬CreateProcessWithPipe£¬£¬£¬£¬£¬EtwpCreateEtwThread

µÈ¡£
¡£¡£¡£¡£¼ÓÃÜ·½·¨£ºXOR¡¢RC4¡¢AES256¡£
¡£¡£¡£¡£

¶þ¡¢×°ÖÃÓëʹÓÃ

1¡¢XOR¼ÓÃÜ

ÿÖÖ¼ÓÃܶ¼Ö§³ÖÇ°ÃæÎåÖÖ¼ÓÔØÒªÁì

./X-AV -shellcodepath cdn.bin -o xor.exe -key wing -encrypt xor -loadermethod uuid

2¡¢AES¼ÓÃÜ

aesÐèÒª¼Ósalt

./X-AV -shellcodepath cdn.bin -o aes.exe -key wing -encrypt aes -loadermethod uuid -salt wing

3¡¢RC4

./X-AV -shellcodepath cdn.bin -o rc4.exe -key wing -encrypt rc4 -loadermethod uuid

Èý¡¢ÏÂÔصص㣺

ͨ¹ýÏîÄ¿µØµãÏÂÔØ£ºhttps://github.com/XTeam-Wing/X-AV

ËÄ¡¢ÉùÃ÷£º

½ö¹©Çå¾²Ñо¿Óëѧϰ֮ÓÃ£¬£¬£¬£¬£¬Èô½«¹¤¾ß×öÆäËûÓÃ;£¬£¬£¬£¬£¬ÓÉʹÓÃÕ߼縺ËùÓÐÖ´·¨¼°Á¬´øÔðÈÎ£¬£¬£¬£¬£¬×÷Õß²»¼ç¸ºÈκÎÖ´·¨¼°Á¬´øÔðÈΡ£
¡£¡£¡£¡£