Closed spookycheekybreeky closed 2 years ago
Hey, I'm glad that you like my work and experimenting with it :)
It can work with .net PE generally but since the injection overwrites a single function a complete rat as a shellcode might be too big for it.
I suggest you to either:
Thx for your reply,
Im gonna look into FunctionHijacking (its looking definitely better for my use case), but im still gonna use your repo for small use case like spawning a process or runing shell command in general !
Thx. (you can mark this issue as close)
Hi , is your beautiful peace of work working with .net assembly ?
Im trying to run a .net assembly shellcode generated with the donuts tools from TheWover. https://github.com/TheWover/donut
the .net PE i converted is a asyncrat PE, when i try to inject it inside a process (i had to remove the max shellcode lengh because shellcode is 147k bytes long) but i get no connection back / the asssembly is not starting ?
is this even possible to work with a .net PE?
sorry for retarded question but im really noy good with shellcode stuff.