TheWover / donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
BSD 3-Clause "New" or "Revised" License

C++ Exceptions (SEH?) #95

Closed synap5e closed 2 years ago

synap5e commented 2 years ago

I have an x64 PE exe compiled from C++ converted to donut shellcode. It appears the donut shellcode crashes when the module throws/catches an exception.

```cpp
popl::OptionParser op(...);
try
{
    op.parse(p_argc, p_argv);
}
catch (std::exception& e)
{
...
```

Is this expected/unsupported? I can produce a minimal testcase if that would help.

invictus-0x90 commented 2 years ago

If I recall correctly, we had this issue with Donut and the C3 framework a while ago, and I'm pretty sure we just used our own SEH wrapper - https://github.com/FSecureLABS/C3/blob/master/Src/Common/FSecure/WinTools/StructuredExceptionHandling.cpp

C3 throws a lot of exceptions and the shellcode is completely stable, so you can get this working.

TheWover commented 2 years ago

Yep, if you're doing a lot of C++ exception handling, I recommend using a wrapper for the payload that has more full-featured support for SEH/VEH. I have personally borrowed the one from C3 or Blackbone before.