Idov31
commented
2 years ago Hey, I'm glad that you like my work and experimenting with it :)
It can work with .net PE generally but since the injection overwrites a single function a complete rat as a shellcode might be too big for it.
I suggest you to either:
- Use a stager shellcode to execute the AsyncRat.
- Find other similar alternative like klezVirus's FunctionHijacking that might be a better fit for it.
spookycheekybreeky
Hi , is your beautiful peace of work working with .net assembly ?
Im trying to run a .net assembly shellcode generated with the donuts tools from TheWover. https://github.com/TheWover/donut
the .net PE i converted is a asyncrat PE, when i try to inject it inside a process (i had to remove the max shellcode lengh because shellcode is 147k bytes long) but i get no connection back / the asssembly is not starting ?
is this even possible to work with a .net PE?
sorry for retarded question but im really noy good with shellcode stuff.