Salsa-tools | A Collaboration of Tools For a Reverse Shell on Steroids

Salsa-tools is a collection of three tools written in C# that are used to take over a Windows machine, bypass AV and get a reverse shell without the need for PowerShell on the victim machine. Salsa-tools combines three different ingredients:
– EvilSalsa
– EncrypterAssembly
– SalseoLoader

Installation


To install the tool we will need a machine that has VSCode installed.
1 – Go to the GitHub repository

2 – If you don’t have VSCode, install it from the VSCode download link

3 – Navigate to the location of the tool: {YOURPATH}\Salsa-tools-master\SalseoLoader\SalseoLoader
3.1 Open Program.cs with VSCode
3.2 You will add some code to the file and then compile it
3.3 The code is here: Code

3.4 Create a file named args.txt in the same directory with this code (Code Link) and save it

3.5 Press Ctrl+Shift+B or click Terminal "Run Build Test"
A file called SalseoLoader.exe will be created

Usage


N.B.: In this usage scenario we will also use another tool, Evil Winrar Gen (a proof of concept for the WinRAR RCE CVE-2018-20250), to make the attack more realistic.

After compiling and creating SalseoLoader.exe, we will now encrypt System.Management.Automation.dll, which we will rename to EvilSalsa.dll in this scenario.
1 – Open a terminal and go to {YOURPATH}\Salsa-tools-master\EncrypterAssembly\
2 – Execute the script with the arguments {file} {password} {outputfile}

3 – Now we will create the fake RAR file with Evil Winrar Gen: ./evilWinrar.py -e SalseoLoader.exe -g picture.jpg
SalseoLoader.exe is the payload we created in the Installation section; picture.jpg can be any picture or file you want to compress in order to deceive the victim

4 – Now we send the RAR file to our victim. Once they extract the RAR, the attached picture will be extracted and SalseoLoader.exe will be placed in the Startup folder
5 – Open a terminal and listen with Netcat on the port you used in args.txt

6 – Once the victim reboots you will get a reverse connection
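
Seen from the defender's side, step 4 leaves a clear trace: an archive utility writes a runnable file into a Startup folder. The check below is an added example, not code from the original post or from Salsa-tools; the event records (loosely modelled on Sysmon file-creation events), the field names and the watch lists are constructed assumptions.

```python
import ntpath

# Constructed sample file-creation events (creating process image + target
# file name, loosely modelled on Sysmon Event ID 11). Not real telemetry.
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\WinRAR\WinRAR.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SalseoLoader.exe"},
    {"image": r"C:\Program Files\WinRAR\WinRAR.exe",
     "target": r"C:\Users\alice\Desktop\extracted\picture.jpg"},
    {"image": r"C:\Windows\explorer.exe",
     "target": r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\notes.lnk"},
    {"image": r"C:\Program Files\7-Zip\7zFM.exe",
     "target": r"C:\Users\bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.bat"},
]

# Assumed watch lists; tune to the archive tools and file types in your estate.
ARCHIVERS = {"winrar.exe", "rar.exe", "unrar.exe", "7z.exe", "7zfm.exe", "7zg.exe"}
RUNNABLE = {".exe", ".dll", ".bat", ".cmd", ".vbs", ".js", ".ps1", ".lnk", ".scr"}
STARTUP_MARKER = r"\start menu\programs\startup" + "\\"


def in_startup_folder(path):
    """True for files in a per-user or all-users Startup folder (case-insensitive)."""
    return STARTUP_MARKER in ntpath.normpath(path).lower()


def is_suspicious(event):
    """Archive utility writing a runnable file into a Startup folder."""
    creator = ntpath.basename(event["image"]).lower()
    ext = ntpath.splitext(event["target"])[1].lower()
    return creator in ARCHIVERS and ext in RUNNABLE and in_startup_folder(event["target"])


def find_startup_drops(events):
    """Return the events that match the extraction-to-Startup pattern."""
    return [e for e in events if is_suspicious(e)]


if __name__ == "__main__":
    for hit in find_startup_drops(SAMPLE_EVENTS):
        print("ALERT:", ntpath.basename(hit["image"]), "->", hit["target"])
```

Normal archive extraction never needs to write outside the folder the user chose, so in practice this rule should be quiet enough to alert on directly.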

What Bunny Rating Does it Get?


Pros

– Fully Undetected
– Easy to use
– Silent Mode

Cons

– Requires Winrar 5.70
– Requires C# Knowledge to create payloads
