-
Unam hello! I asked you how I could extract the shellcode from the miner, so that's it. If shellcode loader is enabled, is the file PE or not?
-
https://github.com/phra/PEzor
#3
-
I am generating shellcode with donut, specifying x64. The CPL loader works as expected, but the binary loader does not:
![output](https://user-images.githubusercontent.com/9327972/127433637-e768f74f-…
-
Hey there - cool project!
I want to use this in a project I'm working on, but am unsure how I would go about hooking the IAT in a remote process.
I've followed [your example](https://hakril.gith…
-
**
......
DWORD offset = 1;
LPBYTE* lpBuffer = (LPBYTE*)VirtualAlloc(0, 1024 * 1024, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
fread(lpBuffer + offset, 1, size, file…
-
Hey @klezVirus,
sorry to bother you again, but I have a few questions/issues. When you have a moment, can you have a look, please?
a) Are you sure the native signatures work correctly?
```
p…
-
Hi,
I want to do path exploration on windows malware, and it's quite complicated to emulate it since there are packers. API, and obfuscation. What I want to do is using miasm to build CFG from its …
-
I installed PEZor by following the guide. To test PEzor, I generated a payload using the following:
![image](https://user-images.githubusercontent.com/79333607/108551266-994e7600-72e7-11eb-8001-7246…
-
I've tried execpl, system, even executing chmod(const char *pathname, mode_t mode) in the code but nothing seems to work.
I do get getuid() == 0, but I can't do anything with that privilege.
EDIT: M…
-
When I try to use a dll as a template, I get this message "Template injection unsupported for x64 DLLs" when I use an "exe" instead of the dll, it works perfectly, is there any alternative to make it …