KernelEquinox / Teensyterpreter

A Teensy script to open up a reverse TCP shell on Windows machines in as little time as possible.
GNU General Public License v3.0

Shellcode replacement. #10

Open fionafibration opened 8 years ago

fionafibration commented 8 years ago

How would one go about replacing the payload here with another? Can the current kernel32 stuff be used, or would you have to make your own? I want to be able to use my own encoded shellcode. Thanks, and thank you for making this.

KernelEquinox commented 8 years ago

Sure thing! Just replace the $sc variable with your desired payload and it should work fine. I'm also working on remaking the INO file to make it a little more dev-friendly; I should have a dev branch pushed sometime today.

fionafibration commented 8 years ago

Don't you need to initialize kernel32.dll in a different way to run your own, say, the metasploit "you got pwned" (speech synthesis) shellcode? I haven't even written shellcode before (I am only 14 years old and just playing around with this advanced powershell), just wondering what I can run with the default variables. Nice code, by the way.


KernelEquinox commented 8 years ago

Thanks! And nah, just pop your own shellcode into the $sc variable and you're good to go. It allocates space in memory with VirtualAlloc() and populates it with memset(), then runs CreateThread() to execute the payload.

fionafibration commented 8 years ago

Doesn't it set up where registers go, like the network IP? Or is that handled in the shellcode?


KernelEquinox commented 8 years ago

The kernel32 module just provides the VirtualAlloc() and CreateThread() functions. The IP and port are part of the shellcode.

vKVluPhP commented 7 years ago

What type of payload did you use? msfvenom generates a longer shellcode from windows/powershell_reverse_tcp, although the msf listener could not establish a connection. Did you use an encoder?

fionafibration commented 7 years ago

I used the default that is already in the code.
