BlWasp / rs-shell

A dirty PoC for a reverse shell with cool features in Rust
GNU General Public License v3.0

Bug - Load shellcode from Linux server #3

Closed Nariod closed 7 months ago

Nariod commented 7 months ago

Hello there,

There seems to be an issue when trying to remotely load shellcode, either with load -s or syscalls -s, from a Linux rs-shell server: [image]

My goal is to use Rs-shell as a stage 0 implant and use it to load a stage 1 shellcode such as Sliver or Havoc without writing anything related to the stage 1 to disk.

All the best, Nariod

BlWasp commented 7 months ago

General Kenobi,

I have found the issue. Basically, load * and syscalls * permit loading a shellcode or a PE that is already present on the client machine disk. For the moment, it is not possible to load the shellcode or the PE from the server machine. I thought I had set up a shellcode transfer through the TCP tunnel, but it seems not. I have to rewrite the code.

BlWasp commented 7 months ago

Hi! Now fixed!

It is now possible to load and execute a shellcode from the server's disk to the client machine, without writing the shellcode on its disk. Take a look at the latest commit and release 😃 I've made a few slight changes.