Swayampadhy/ShadowChain

ShadowChain

ShadowChain is a modular, DRM-enabled DLL injector with anti-debugging and persistence capabilities. For implementation details, see https://swayampadhy.gitbook.io/root/projects/shadowchain

Features Of ShadowChain

  1. Digital Rights Management (DRM) using the volume serial number of the machine
  2. Anti-debugging using TLS callbacks
  3. IAT camouflage
  4. Remote process DLL injection
  5. Persistence using the Startup folder

How to Execute

  1. Replace payload code in "payload.c" in payload project with your desired payload.
  2. Compile both ShadowChain and payload
  3. Execute on machine
  4. Profit!!

Results

  1. Initial run of ShadowChain
  2. Subsequent runs of ShadowChain on the same machine
  3. When the same binary is run on a different machine
  4. Main function being nulled out when a debugger is detected
  5. ShadowChain persisting in the Startup folder after execution
