D3Ext / Hooka

Shellcode loader generator with multiple features
MIT License

Where is the final file saved? #1

Closed: tailerbro closed 1 year ago

tailerbro commented 1 year ago

Hello boss. Please tell me, where is the final shellcode saved?
[Image: Untitled]

D3Ext commented 1 year ago

What do you mean? The image shows how the shellcode is injected on the same thread; it takes the shellcode (in this case it's generated with msfvenom) from a file (in this case called shellcode.bin). This doesn't generate a new shellcode.

D3Ext commented 1 year ago

The purpose of the tool is evading basic AV analysis via injecting shellcode into memory.

tailerbro commented 1 year ago

Understood, I meant that the shellcode.bin remains the same; the file is not changed in any way. I thought maybe a patched shellcode.bin file was created and saved somewhere else.

D3Ext commented 1 year ago

No problem. If you want to convert a binary to shellcode you can use Donut; it has a lot of different options and formats for your shellcode.