Closed Nariod closed 7 months ago
General Kenobi,
I have found the issue. Basically, load *
and syscalls *
permit to load a shellcode or a PE that is already presents on the client machine disk. For the moment, it is not possible to load the shellcode or the PE from the server machine.
I thought I had set up a shellcode transfer through the TCP tunnel, but it seems not. I have to rewrite the code.
Hi ! Now fixed !
It is now possible to load and execute a shellcode from the server's disk to the client machine, without writing the shellcode on its disk. Take a look at the latest commit and release 😃 I've made a few slight changes.
Hello there,
There seems to be an issue when trying to remotely load shellcode - either with
load -s
orsyscalls -s
from a Linux rs-shell server :My goal is to use Rs-shell as a stage 0 implant and use it to load a stage 1 shellcode such as Sliver or Havoc without writing anything related to the stage 1 to disk.
All the best, Nariod