Locked PELoader: implement various shellcode injection techniques

By itsMe
February 22, 2022 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted February 22, 2022

- Share

Posted February 22, 2022

This is the hidden content, please

PELoader implement various shellcode injection techniques, and use libpeconv library to load encrypted PE files instead of injecting shellcode into remote thread.

Following techniques were implemented:

    Module Stomping (LoadLibrary)
    Module Stomping (NtMapViewOfSection)
    Transacted Hollowing
    Ghostly Hollowing
    NtMapViewOfSection (RWX-RW-RX)
    NtAllocateVirtualMemory (RW-RX)

Credits: most of my work was based on @hasherezade's PoC scripts.

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- Windows Process Injection in 2019 - BlackHat USA-19
  
  By dEEpEst, March 16, 2023
  - windows
  - process
  - (and 4 more)
    
    Tagged with:
    
    windows
    
    process
    
    injection
    
    2019
    
    blackhat
    
    usa-19
  - 0 replies
  - 195 views
- Niernen is a Shellcode Obfuscator
  
  By itsMe, March 15, 2023
  - niernen
  - shellcode
  - (and 1 more)
    
    Tagged with:
    
    niernen
    
    shellcode
    
    obfuscator
  - 0 replies
  - 140 views
- RedTeam Tools - Tools and Techniques for Red Team / Penetration Testing
  
  By itsMe, March 14, 2023
  - penetration
  - team
  - (and 7 more)
    
    Tagged with:
    
    penetration
    
    team
    
    red
    
    techniques
    
    for
    
    and
    
    tools
    
    testing
    
    redteam
  - 0 replies
  - 258 views
- OWASP TOP 10: SQL injection ~ 2023
  
  By itsMe, March 8, 2023
  - owasp
  - top
  - (and 4 more)
    
    Tagged with:
    
    owasp
    
    top
    
    10:
    
    sql
    
    injection
    
    2023
  - 0 replies
  - 150 views
- Wanderer - An open-source process injection enumeration tool
  
  By itsMe, March 2, 2023
  - wanderer
  - open-source
  - (and 4 more)
    
    Tagged with:
    
    wanderer
    
    open-source
    
    process
    
    injection
    
    enumeration
    
    tool
  - 0 replies
  - 169 views

Sign In

Locked PELoader: implement various shellcode injection techniques

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

Windows Process Injection in 2019 - BlackHat USA-19

Niernen is a Shellcode Obfuscator

RedTeam Tools - Tools and Techniques for Red Team / Penetration Testing

OWASP TOP 10: SQL injection ~ 2023

Wanderer - An open-source process injection enumeration tool

Browse

Activity

Store

Important Information