arget13 / DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
GNU General Public License v3.0

Problem with msfvenom reverse shell shellcodes #3

Closed jfma7 closed 2 years ago

jfma7 commented 2 years ago

Hello:

If I try to run a msfvenom shellcode that executes an action, it works perfectly with the ddsc.sh module.

But if I generate a msfvenom reverse shell shellcode, the program is not working.

Regards

arget13 commented 2 years ago

Hi, I have found that these shellcodes rely on having space in the stack above the rsp. The ROP leaves the sp pointing right at the top of the stack, so they fail. I will have to fix this by decreasing the sp before executing the shellcode...