Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ReversingID/Shellcode-Loader
Open repository for learning dynamic shellcode loading (sample in many programming languages)
crypter payload shellcode shellcode-loader
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/ReversingID/Shellcode-Loader
- Owner: ReversingID
- Created: 2021-08-08T08:53:03.000Z (about 3 years ago)
- Default Branch: master
- Last Pushed: 2024-08-04T00:48:38.000Z (3 months ago)
- Last Synced: 2024-08-04T02:53:18.403Z (3 months ago)
- Topics: crypter, payload, shellcode, shellcode-loader
- Language: C++
- Homepage:
- Size: 323 KB
- Stars: 199
- Watchers: 9
- Forks: 41
- Open Issues: 0
Metadata Files:
- Readme: README.EN.md
Awesome Lists containing this project
- awesome-hacking-lists - ReversingID/Shellcode-Loader - Open repository for learning dynamic shellcode loading (sample in many programming languages) (C++)
README
# Shellcode Loader
Open repository for learning dynamic shellcode loading.
### Disclaimer
This repository collects information related to loading shellcode into memory, a technique usually used by implants. The repository is open and publicly accessible to anyone.
### Content
The code is classified into several categories based on platform (OS) and technique. Each directory refers to a specific technique and contains a brief introduction as well as a simple implementation in a certain programming language (mostly C/C++).
Note: the techniques focus on the x86 architecture unless stated otherwise.
### Shellcode Overview
`Shellcode` is a piece of code/instructions that is carefully crafted to execute a specific action. In exploitation, shellcode is used as the payload that is injected into a system (or application).
Theoretically, shellcode can do anything. Early shellcode was just a list of instructions that spawned a shell. Shellcode has since evolved to perform various actions such as creating a user, deleting data, etc.
For collection of shellcodes, go to [shellcodes repository](https://github.com/ReversingID/shellcodes).
For collection of process injection techniques, go to [injection repository](https://github.com/ReversingID/injection).
For simplicity, the shellcode used in the samples will be:
```
# 9090CCC3
0000: 90 nop
0001: 90 nop
0002: CC int3
0003: C3 ret
```
### Techniques
This repository covers the basic steps of shellcode loading:
- `allocation`: how to allocate memory to store shellcode temporarily (as code).
- `storage`: how to store shellcode.
- `execution`: how to execute shellcode.
- `writing`: how to write code to memory (self), either by copying directly or by using a transformation.
Some techniques use APIs provided by the OS, directly or indirectly.