New posts

Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

PELoader: implement various shellcode injection techniques

Thread starter itsMe
Start date Feb 22, 2022
Tags

implement injection peloader: shellcode techniques various

Status: Not open for further replies.

itsMe

KillmeMories

Staff member

Administrator

Super Moderator

Hacker

Specter

Crawler

Shadow

‎6 Years of Service‎

76%

Feb 22, 2022

#2 of 1

PELoader implement various shellcode injection techniques, and use libpeconv library to load encrypted PE files instead of injecting shellcode into remote thread.

Following techniques were implemented:

    Module Stomping (LoadLibrary)
    Module Stomping (NtMapViewOfSection)
    Transacted Hollowing
    Ghostly Hollowing
    NtMapViewOfSection (RWX-RW-RX)
    NtAllocateVirtualMemory (RW-RX)

Credits: most of my work was based on @hasherezade's PoC scripts.

Status: Not open for further replies.

Facebook X (Twitter) LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Back

Top

IP Tools

Basic Encoders/Decoders

Hash Generators

Classical Ciphers

Modern Cryptography

Other Tools

PELoader: implement various shellcode injection techniques

itsMe

KillmeMories

PELoader: implement various shellcode injection techniques

itsMe

*KillmeMories*

KillmeMories