Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
Total 1 files
■ ■ ■ ■ ■ ■
README.md
skipped 194 lines
195
195
196
196
---
197
197
198
+
## Final remark
199
+
200
+
This PoC was designed to work with Cobalt Strike's Beacon shellcodes. The Beacon is known to call out to `kernel32!Sleep` to await further instructions from its C2.
201
+
This loader leverages that fact by hooking `Sleep` in order to perform its housekeeping.
202
+
203
+
This implementation might not work with other shellcodes in the market (such as _Meterpreter_) if they don't use `Sleep` to cool down.
204
+
Since this is merely a _Proof of Concept_ showing the technique, I don't intend on adding support for any other C2 framework.
205
+
206
+
When you understand the concept, surely you'll be able to translate it into your shellcode requirements and adapt the solution for your advantage.
207
+
208
+
Please do not open Github issues related to "this code doesn't work with XYZ shellcode", they'll be closed immediately.
209
+
210
+
---
211
+
198
212
### ☕ Show Support ☕
199
213
200
214
This and other projects are outcome of sleepless nights and **plenty of hard work**. If you like what I do and appreciate that I always give back to the community,
Mariusz B. / mgeeky
committed
3 years ago
1 parent 25153d79