admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-02 17:27:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9639f1c40530c2ab5650d00e70d15fcca34e2033
SuperMega/README.md
T
Dobin 9639f1c405 doc: update
2024-02-12 17:52:12 +00:00

2.7 KiB
Raw Blame History

SuperMega - Cordyceps Implementation

Ophiocordyceps camponoti-balzani is a species of fungus that parasitizes insect hosts of the order Hymenoptera, primarily ants. O. camponoti-balzani infects ants, and eventually kills the hosts after they move to an ideal location for the fungus to spread its spores.

Ophiocordyceps camponoti-balzani

What

SuperMega is a shellcode loader. It will take a shellcode as input, protects it, adds a loader, and injects the resulting shellcode into an exe.

FUD.

And:

  • Only works with 64 bit (shellcode and infecteble exe's)

Features:

  • Loader source is C yay
  • Execution-Guardrails
    • Environment variables
  • configurable implementation
  • different EXE injection techniques

Plugins:

  • source style:
    • PEB_WALK
    • IAT_REUSE
  • alloc style:
    • RWX
    • REUSE_RWX
  • decoder style:
    • PLAIN_1
    • XOR_1
  • dataref style:
    • APPEND

Directories

  • shellcodes/: Input: Shellcodes we want to use as input (payload)
  • source/: Input: Loader C templates
  • plugins/: Input: Loader C implementations
  • exes/: Input: Nonmalicious EXE files we inject into
  • build/: build: Temporary files during build process
  • logs/: build: Files generated by building (inspect for debugging)
  • out/: output. The generated result: infected exe

Installation

Configure config.yaml with:

config.yaml:

path_cl: 'C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\bin\Hostx64\x64\cl.exe'
path_ml64:  'C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\bin\Hostx64\x64\ml64.exe'

path_masmshc:  'C:\Users\hacker\Source\Repos\masm_shc\out\build\x64-Debug\masm_shc\masm_shc.exe'
path_runshc: 'C:\Users\hacker\Source\Repos\masm_shc\out\build\x64-Debug\runshc\runshc.exe'

Make sure its the Hostx64/x64/ one exe. Make sure to compile msmshc and runshc as 64bit. You can also replace runshc with your own shellcode loader.

Alternatively, you can maybe use a 64bit Visual Studio developer console or insert env paths:

"C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Auxiliary\Build\vcvars64.bat"

And just use executable "cl.exe" and "ml64.exe".

A list of packages/components which may be required for Visual Studio 2022:

  • C++ 2022 Redistributable Update
  • C++ Build Insights
  • C++ CMake tools for windows
  • C++ /CLI support for v143 build tools (lastest)
  • MSBuild
  • MSVC v133 - VS 2002 C++ x64/x86 build tools (latest)
  • C++ ATL for latest v143 build tools (x86 & x64)
  • C++ MFC for latest v143 build tools (x86 & x64)
  • Windows 11 SDK
Reference in New Issue View Git Blame Copy Permalink