Pwnable.tw Start

checksec:

    [*] '/home/kkkk/code/start'
        Arch:     i386-32-little
        RELRO:    No RELRO
        Stack:    No canary found
        NX:       NX disabled
        PIE:      No PIE (0x8048000)

disassem:

    Dump of assembler code for function _start:
    => 0x08048060 <+0>:     push   esp
       0x08048061 <+1>:     push   0x804809d
       0x08048066 <+6>:     xor    eax,eax
       0x08048068 <+8>:     xor    ebx,ebx
       0x0804806a <+10>:    xor    ecx,ecx
       0x0804806c <+12>:    xor    edx,edx
       0x0804806e <+14>:    push   0x3a465443
       0x08048073 <+19>:    push   0x20656874
       0x08048078 <+24>:    push   0x20747261
       0x0804807d <+29>:    push   0x74732073
       0x08048082 <+34>:    push   0x2774654c
       0x08048087 <+39>:    mov    ecx,esp
       0x08048089 <+41>:    mov    dl,0x14
       0x0804808b <+43>:    mov    bl,0x1
       0x0804808d <+45>:    mov    al,0x4
       0x0804808f <+47>:    int    0x80
       0x08048091 <+49>:    xor    ebx,ebx
       0x08048093 <+51>:    mov    dl,0x3c
       0x08048095 <+53>:    mov    al,0x3
       0x08048097 <+55>:    int    0x80
       0x08048099 <+57>:    add    esp,0x14
       0x0804809c <+60>:    ret
    End of assembler dump.

...

December 24, 2022 · b1n

Cpp Shellcode

I made a repository of Windows Shellcode runners: cpp-shellcode. Here is a short introduction:

cpp-shellcode is a repository of Windows Shellcode runners. The applications load and execute Shellcode using various API calls or techniques.

❤️ THANKS @go-shellcode

The available Shellcode runners include:

- CreateFiber
- CreateRemoteThread
- CreateThread
- EtwpCreateEtwThread
- NtQueueApcThreadEx-Local

CreateFiber

This application leverages the Windows CreateFiber function from Kernel32.dll to execute shellcode within this application's process. This is useful when you want to avoid remote process injection and want to avoid calling CreateThread....

December 24, 2022 · b1n