0002400: Windows Binary - shellcodeexec

ID	Project	Category	View Status	Date Submitted	Last Update

0002400	Kali Linux	New Tool Requests	public	2015-07-08 08:01	2017-07-18 13:52

Reporter	g0tmi1k	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	won't fix

Summary	0002400: Windows Binary - shellcodeexec
Description	Name: shellcodeexec Homepage: https://github.com/inquisb/shellcodeexec Download: https://github.com/inquisb/shellcodeexec/archive/master.zip Description: execute in memory a sequence of opcodes Features: Can be compiled and works on POSIX (Linux/Unices) and Windows systems. Can be compiled and works on 32-bit and 64-bit architectures. As far as I know, no AV detect it as malicious. Works in DEP/NX-enabled environments: it allocates the memory page where it stores the shellcode as +rwx - Readable Writable and eXecutable. It supports alphanumeric encoded payloads: you can pipe your binary-encoded shellcode (generated for instance with Metasploit's msfpayload) to Metasploit's msfencode to encode it with the alpha_mixed encoder. Set the BufferRegister variable to EAX registry where the address in memory of the shellcode will be stored, to avoid get_pc() binary stub to be prepended to the shellcode. Spawns a new thread where the shellcode is executed in a structure exception handler (SEH) so that if you wrap shellcodeexec into your own executable, it avoids the whole process to crash in case of unexpected behaviours.

Date Modified	Username	Field	Change
2015-07-08 08:01	g0tmi1k	New Issue
2017-07-18 13:52	g0tmi1k	Note Added: 0006918
2017-07-18 13:52	g0tmi1k	Status	new => closed
2017-07-18 13:52	g0tmi1k	Resolution	open => won't fix

g0tmi1k 2017-07-18 13:52 administrator ~0006918	Handy thing, however I don't think the project is big enough/effects enough people for this to be included into Kali.