search

MastMind / PE-infector

Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)
49 stars 19 forks source link

I get an error #2

Open terogaming opened 3 months ago

terogaming commented 3 months ago

PE-infector -i gta_sa.exe -o injected.exe -s shellcode.raw -m resz That binary has 32bit arch That is EXE file EntryPoint: 0x00424570 ImageBase: 0x00400000 File alignment: 0x00000200 size of shellcode: 1083492 Infection error -3

MastMind commented 3 months ago

I guess your shellcode is a very big (1083492 is a such big size). The resz technique can resize the original PE section, but it is not possible to resize the section endlessly, because .exe has other sections and when all of the section will mapped to memory the resized section could be overlapped with others. The overlaped sections always spoils a program. It is reason why I'd added limitations on the resz.

Please try an another shellcode. From the my practice the best size is less than 1000 bytes but it depends of the target .exe

In the next update I'm planning to add then new techinque for patching without resizing