doc: paths

Dobin Rutishauser
2025-06-22 23:22:35 +02:00
parent 4ccdb7e750
commit 5044f4011f
+11 -6
@@ -198,23 +198,23 @@ Optional:
* `r2.exe` * `r2.exe`
## Settings ## Configuration & OPSEC
Description of funtionality and settings. Description of funtionality and settings.
### Shellcode ### Shellcode / Payload
`--shellcode <filename.bin>` `--shellcode <filename.bin>`
The 64-bit payload shellcode, like your CobaltStrike beacon. Should be x64. The 64-bit payload shellcode, like your CobaltStrike beacon. Should be x64.
Located in the `data/binary/shellcodes/` directory. Located in the `data/binary/shellcodes/*.bin` directory.
### Injectable ### Injectable / .exe .dll
`--inject <filename.exe>` `--inject <filename.exe>`
A 64-bit Windows PE executable used as a trojan. The shellcode will be injected in this EXE or DLL. The original functionality of the EXE/DLL will not work anymore (it will only execute the carrier with the shellcode it is carrying) A 64-bit Windows PE executable used as a trojan. The shellcode will be injected in this EXE or DLL. The original functionality of the EXE/DLL will not work anymore (it will only execute the carrier with the shellcode it is carrying)
Located in the `data/binary/injectables/` directory. Located in the `data/binary/injectables/*.exe *.dll` directory.
Make sure it has all it's required DLLs. Make sure it has all it's required DLLs.
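Review bot: In the two changed "Located in" lines the path is now a glob, but the sentence still calls it a directory (`data/binary/shellcodes/*.bin` directory), and `data/binary/injectables/*.exe *.dll` reads as a single path in which the second pattern has no directory prefix. Suggest either keeping the directory and naming the extensions separately, or listing both patterns in full, for example "Files: `data/binary/injectables/*.exe`, `data/binary/injectables/*.dll`". The heading is renamed to "Configuration & OPSEC" while the description line under it still only says "functionality and settings", so either extend that sentence or keep the heading narrower. Since this block is being touched anyway, the context lines still carry "funtionality" and "it's required DLLs" (should be "functionality" and "its").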
@@ -223,7 +223,7 @@ Make sure it has all it's required DLLs.
`--carrier <carrier_name>` `--carrier <carrier_name>`
C code which loads and executes the payload shellcode. This includes allocating memory, changing its permissions, and then finally executing it. It has the main() function, and modules: Decoder, Anti-Emulation, and Guardrail. C code which loads and executes the payload shellcode. This includes allocating memory, changing its permissions, and then finally executing it. It has the main() function, and modules: Decoder, Anti-Emulation, and Guardrail.
Located in the `data/source/carrier` directory Located in the `data/source/carrier/*.c` directory
* alloc\_rw\_rx: Allocate RW memory, copy payload, then make it RX. **Recommended**. * alloc\_rw\_rx: Allocate RW memory, copy payload, then make it RX. **Recommended**.
* alloc\_rw\_rwx: Same as alloc\_rw\_rx, but useful for self-modyfing payloads (e.g. ShikataGaNai) * alloc\_rw\_rwx: Same as alloc\_rw\_rx, but useful for self-modyfing payloads (e.g. ShikataGaNai)
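Review bot: The changed line "Located in the `data/source/carrier/*.c` directory" still ends without a period, unlike the other "Located in" lines in this commit, and it describes a glob pattern as a directory. Suggest "Located in the `data/source/carrier/` directory (`*.c` files)." so the wording stays accurate and matches the neighbouring sections. The context line for alloc\_rw\_rwx also has "self-modyfing", which could be corrected to "self-modifying" in the same pass.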
@@ -253,24 +253,29 @@ a DLL as payload which may even be more stealthy.
`--decoder <decoder_name>` `--decoder <decoder_name>`
How the payload is encrypted & decrypted. How the payload is encrypted & decrypted.
Located in the `data/source/decoder/*.c` directory.
* plain: No encryption * plain: No encryption
* xor: Single byte xor key, random * xor: Single byte xor key, random
* xor\_2: Two byte xor key, random. **Recommended**. * xor\_2: Two byte xor key, random. **Recommended**.
### Anti-Emulation ### Anti-Emulation
`--antiemulation <anti_emulation_name>` `--antiemulation <anti_emulation_name>`
Located in the `data/source/antiemulation/*.c` directory.
* none: No anti-emulation * none: No anti-emulation
* timeraw: CPU register time based * timeraw: CPU register time based
* sirallocalot: CPU cycles, memory and time based. Also does EDR-deconditioning. **Recommended**. * sirallocalot: CPU cycles, memory and time based. Also does EDR-deconditioning. **Recommended**.
### Guardrail ### Guardrail
`--guardrail GUARDRAIL` `--guardrail GUARDRAIL`
`--guardrail-key GUARDRAIL_KEY` `--guardrail-key GUARDRAIL_KEY`
`--guardrail-value GUARDRAIL_VALUE` `--guardrail-value GUARDRAIL_VALUE`
Located in the `data/source/guardrails/*.c` directory.
You can use the `env` execution guardrail to restriction execution where You can use the `env` execution guardrail to restriction execution where
the environment (-variables) matches your expectations. In the following example, the environment (-variables) matches your expectations. In the following example,
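Review bot: The added Guardrail path uses a plural directory name (`data/source/guardrails/*.c`) while the other paths in this commit are singular (`data/source/decoder`, `data/source/antiemulation`, `data/source/carrier`); please confirm it matches the real directory name, since a wrong path in the docs is easy to miss. The three added "Located in ... directory." lines also repeat the glob-as-directory wording and are placed differently per section: after the description under Decoder, but before any description under Anti-Emulation and Guardrail. Picking one position for all sections would read more consistently. In the context lines, "to restriction execution" should be "to restrict execution".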