What Shellter is…NOT!

I have seen crazy things being said online about this project. People talking about it without having any clue about what Shellter really is (doing).
The funniest thing about it, is when people actually blame the tool itself while they totally use it in the wrong way; feeding to the tool whatever might come to their head. NO KIDDING!

What Shellter is NOT:
i) packer
ii) crypter
iii) executable obfuscator
iv) whatever you think it is

Shellter doesn’t pack executables, doesn’t encrypt them, and/or obfuscate them. Yes, shellter can ‘encrypt’, obfuscate etc…etc.., but these things refer to the code that you inject and not to the entire executable that your are infecting.

The concept behind Shellter is Dynamic PE Infection.
In a few words, instead of using the same well-known methods that everyone else is using (for the past 30 years or so) to inject shellcode into LEGITIMATE standalone executables, Shellter will take in consideration the execution flow of the application itself.

You CAN’T embed an executable file into another executable (.exe) using Shellter (unless it can be loaded reflectively). YOU CAN’T!!!

Shellter understands two things to inject into a LEGITIMATE executable; shellcode, and DLLs that export a reflective loader function.

I have seen people trying to use Shellter to infect trojans generated by metasploit or by other frameworks. DO NOT DO THAT!!!

RTFM!

Cheers,
kyREcon