LBRY Block Explorer

LBRY Claims • salsatools-salsa-tools-install-setup

8f71e163611cfcd5a9d4303cacb4aee25696b346

Published By
Anonymous
Created On
13 Jan 2025 18:38:02 UTC
Transaction ID
Cost
Safe for Work
Free
Yes
SalsaTools (Salsa Tools) Install & Setup!šŸ”„
#Salsatools #Install #Setup!<br />#Hackplayers/#Salsa-tools<br />Salsa Tools - #ShellReverse #TCP/#UDP/#ICMP/#DNS/#SSL/#BINDTCP and #AV bypass, #AMSI patched<br /><a href="https://github.com/Hackplayers/Salsa-tools" target="_blank" rel="nofollow">https://github.com/Hackplayers/Salsa-tools</a><br /><br />Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/BINDTCP and AV bypass, AMSI patched <br /><br />#Installing #Salsa-Tools<br />#TCP #UDP #ICMP #DNS #BINDTCP<br />#AVbypass<br />#AV-bypass<br /><br />Salsa Tools - An AV-Safe Reverse Shell dipped on bellota sauce<br /><br />Salsa Tools is a collection of three different tools that combined, allows you to get a reverse shell on steroids in any Windows environment without even needing #PowerShell for it's execution. In order to avoid the latest detection techniques (AMSI), most of the components were initially written on C#. Salsa Tools was publicly released by Luis Vacas during his Talk ā€œInmersión en la explotación tiene rimaā€ which took place during h-c0n in 9th February 2019.<br /><a href="https://github.com/Hackplayers/Salsa-tools" target="_blank" rel="nofollow">https://github.com/Hackplayers/Salsa-tools</a><br /><br />#EvilSalsa is the key ingredient of this recipe. It contains the #payload, which is executed on the system as it follows: as soon as the payloads starts, it runs System.Management.Automation.dll which creates a runspace . Within that runspace we have four types of shells (TCP / UDP / ICMP / DNS / BINDTCP). Once EvilSalsa is loaded, first thing first, the existence of c:\windows\system32\amsi.dll is checked. If it exists, it is patched using a home-cooked variant of #CyberArk and #Rastamouse bypasses.<br /><br />Mixing #EncrypterAssembly and #Evilsalsa<br />#EncrypterAssembly can be used as a Python script or as a Exe binary. It encrypts the previously generated EvilSalsa.<br /><br />#Python usage:<br /><br />python encrypterassembly.py<br /><br />Bringing the Encrypted EvilSalsa to the table with SalseoLoader<br /><br />#SalseoLoader is in charge of loading the encrypted payload. Can be both compiled as a library or as an executable. If it is run as an executable, the chosen arguments must be provided when the executable is run. If it is compiled as a library, the descriptor "main" must be exported. Arguments are added using environmental variables.<br /><br />Visual Studio 2017 (or similar)<br /><br />Visual Studio 2017<br /><br />Full-featured integrated development environment (IDE) for Android, iOS, Windows, web, and cloud<br />Powerful IDE, free for students, open-source contributors, and individuals<br /><br /><a href="https://visualstudio.microsoft.com/downloads/" target="_blank" rel="nofollow">https://visualstudio.microsoft.com/downloads/</a><br /><br /><br />AV bypass<br />Antivirus bypass<br />Antivirus-bypass<br />Bypass Antivirus<br />Bypass-Antivirus<br />#BypassAV<br />#Bypass-AV<br />Bypass AV<br />Bypass AVS<br /><br />#AMSI patched<br />patched #AMSIS<br />AMSI is a generic interface standard that allows applications and services to integrate with any #antimalware product present on a machine. It provides enhanced #malware protection for users and their data, applications and workloads.<br /><br />AMSI is antimalware vendor agnostic, designed to allow for the most common malware scanning and pro<br />...<br /><a href="https://www.youtube.com/watch?v=kLxWe1FrdLc" target="_blank" rel="nofollow">https://www.youtube.com/watch?v=kLxWe1FrdLc</a>
Author
Content Type
Unspecified
video/mp4
Language
Unspecified
Open in LBRY