Despite the fact that Shellter v5.3 was just released, I am already working on the next version which will be hopefully out quite soon.
So what’s new in the upcoming Shellter V [5.4] , you might be asking yourself.
Well, the new version introduces the ‘user defined encoding sequence’ feature.
What that means, is that optionally the user will be able to define a custom encoding sequence using the supported encoding operators.
Currently, Shellter makes a random encoding using ADD, XOR, SUB, NOT operations. These are randomly picked in terms of sequence selection and amount. The decoder stub is always assembled afterwards, so this is not static in any way, and as you know Shellter can also randomly obfuscate it.
In the upcoming version you will be able to do something like this:
––encode {!^+!}
What this means for the encoder, is that it will use your defined sequence to encode the payload and whatever else needs to be encoded along with that.
So in this example, the encoder would first perform a NOT operation, then XOR the result with a randomly generated 32-bit key, then add the 32-bit key value to the previous result and finally NOT again the result that came before this step.
If you just wanted to use a NOT operation to encode the whole thing, then ––encode {!} would be the way to go.
As mentioned, this will be an optional feature, which will be documented properly when the time comes.
Shellter will still generate an encoding scheme of its own if you don’t want to make use of this feature, so nothing will change in the way you were used to play with it.
In other words, if you just specify ––encode in the command line, then Shellter will take over the encoding scheme generation process.
Cheers,
kyREcon