
WARZONE SHELLCODE LOADER

Automatic escrow can be used in this thread!

Status
Closed for further replies.

Quietus

floppy disk
User
Joined: 26.10.2021
Messages: 5
Reactions: -1
FEATURES:
- GPU Sleep Mask: when the main payload goes to sleep (Cobalt Strike does that for a minute by default), Warzone will be able to detect that sleep. During this time, we can't connect and run our commands, so why leave our payload there? The payload will be encrypted at run time and moved to the GPU storage, which the AV engine can't reach.
- Each cycle, the payload will be encrypted with a different key.
- While the payload is in the GPU, the RWX memory part is then turned into read-only memory, which leaves no indicators of a payload in memory.
- Warzone runs with unhooked syscalls, obtained dynamically at runtime.
- The only requirement is having Visual Studio 2019 or higher on your build machine, and the builder will do the rest.
- Warzone will be able to load any shellcode, but since it offers a custom sleep mask, it works best with Cobalt Strike, and because of this, it comes with a special profile that will modify some runtime functionalities of Cobalt’s reflective loader, allowing it to work with Warzone in a better way.
- It uses IPfuscation to obfuscate the shellcode [IPv6].
- Warzone comes with the following features:
  - Persistence: through the recycle bin; whenever the user opens the recycle bin, our loader will be executed instead, and to ensure persistence, we made a scheduled task to open the recycle bin (won't appear).
  - Sandbox detection: Warzone monitors the mouse movements, as well as executing 2 other functions that are related to the time of the machine.
  - Self Deletion: Warzone can be deleted directly when double clicked; this means it can live and function in memory and not on the disk.
  - Entropy fix: this adds about 1kb to the total loader; here, we add some English words to lower the entropy.


It comes with a Java GUI builder, which, although simple, saves much more time than compiling manually or writing the configuration file:
[Image: 1652954130528.png]



I'll be only selling to a limited number of clients. The final price for Warzone (including the builder / CS profile / source code) is 400$; this will include bug fixes later on.
For any questions or further details, please let me know; I'll discuss everything privately. I have both Jabber and Tox, and I'm open for business.
In case you want a demo, I'll send you a video or whatever suits you.
I don't mind criticism...
 
Last edited by a moderator:
Please note that the user is banned
Make a deposit equal to the cost of 2 copies (800 $)
xss.pro/deposit
 