Skip to content

AuthStager is a proof-of-concept tool that generates a custom stager shellcode that authenticates to the stager server using an authentication token. The server validates client requests before sending the second stage, enhancing security in the staging process

License

Notifications You must be signed in to change notification settings

anonghost-sec/AuthStager

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AuthStager

AuthStager is a proof-of-concept tool that generates a custom stager shellcode that authenticates to the stager server using an authentication token. The server validates client requests before sending the second stage, enhancing security in the staging process. The detailed information regarding this project is explained in this blog post: Stage, But Verify

Features

  • Generates stager shellcode with request authentication.
  • Configurable token expiration.
  • Compiles into both shellcode and executable formats.

Installation

Prerequisites:

  • Python 3.x
  • pip
  • nasm, make, gcc-mingw-w64-x86-64

Step-by-step Instructions:

  1. Clone the repository:
    git clone https://github.com/HulkOperator/AuthStager.git
    cd AuthStager
  2. Install Python dependencies:
    pip install -r requirements.txt
  3. Install system dependencies:
    sudo apt install nasm make gcc-mingw-w64-x86-64

Usage

To generate a stager shellcode or executable, use the following syntax:

python3 generate_stager.py -f <path-to-payload> -H <C2 IP> -s <port> -t <token count> -x <output format>
  • -f: Path to the payload (e.g., /tmp/havoc.bin).
  • -H: Command and Control (C2) server IP address or Domain.
  • -s: Port on which the server should listen (default: 80).
  • -d: Sacrificial DLL for Stomping (default: C:\Windows\System32\chakra.dll)
  • -t: Number of times the payload can authenticate (default: 1, Max: 5).
  • -x: Output format ('c' for C code, 'raw' for bin file)
  • Example Command
python3 generate_stager.py -f /tmp/havoc.bin -H 192.168.1.122 -s 8080 -t 3 -x c

Demo

The following clip demonstrates the usage of this tool Watch the demo video

Disclaimer

This tool is intended for educational purposes and authorized security testing only. You are solely responsible for ensuring that you have the proper authorization before using this tool. The creator and contributors to this project are not responsible for any damage or legal consequences caused by the use or misuse of this tool. Use it responsibly and legally.

About

AuthStager is a proof-of-concept tool that generates a custom stager shellcode that authenticates to the stager server using an authentication token. The server validates client requests before sending the second stage, enhancing security in the staging process

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 67.3%
  • Python 30.7%
  • Makefile 1.2%
  • Assembly 0.8%