TheWover / donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
BSD 3-Clause "New" or "Revised" License

donut dll #120

Closed djn3m0 closed 1 year ago

djn3m0 commented 1 year ago

Hi,

I can donut a .exe file and it's loading with no issue, but when I donut a .dll I cannot load it,

$ ./donut test.dll 

  [ Donut shellcode generator v0.9.3
  [ Copyright (c) 2019 TheWover, Odzhan

  [ Instance type : Embedded
  [ Module file   : "test.dll"
  [ Entropy       : Random names + Encryption
  [ File type     : DLL
  [ Function      : DllMain
  [ Target CPU    : x86+amd64
  [ AMSI/WDLP     : continue
  [ Shellcode     : "loader.bin"

and I'm executing it simply like ((void(*) ())donut)(); from a C program. Please let me know if I can provide any more detail and how.

I'm testing on Windows 10 x64 and my DLL is also built as x64 Release.

Thanks

TheWover commented 1 year ago

Try the dev branch.

djn3m0 commented 1 year ago

Is there any way that I can specify which exported function I want to be the entry point?

TheWover commented 1 year ago

Yes, there is a -m parameter that lets you specify an exported function name.

djn3m0 commented 1 year ago

Thanks