nbaertsch / AutoAppDomainHijack

Automated .NET AppDomain hijack payload generation
GNU General Public License v3.0

Running the shellcode #5

Closed TH3xACE closed 3 weeks ago

TH3xACE commented 1 month ago

The code correctly gets the shellcode from a web server, but it crashes afterwards. We can see that werfault is executed as a sub-process due to the error/bug.

Description: The process was terminated due to an unhandled exception. Exception Info: exception code c000001d, exception address 0000020F1EBF0000

TH3xACE commented 1 month ago

There seems to be an issue with the loader

nbaertsch commented 1 month ago

What sort of shellcode did you run? What Windows version? The current remote implementation uses puppy, which I discovered does not work on Win 11. Otherwise, I'll need some more information to effectively troubleshoot this one. Can you test with some simple shellcode like popping a message box?

TH3xACE commented 1 month ago

Win10 + shellcode RTL/WAIT from a commercial C2... OK, will try to run a simple shellcode, thanks.

TH3xACE commented 1 month ago

One question: what is the format of shellcode expected? Is it something like

shellcode.bin byte[] my_buf = new byte[35797] { 0xe8,0xc0,0x29,0x00,0x00,0xc0,0x29,...}

or only 0xe8,0xc0,0x29,0x00,0x00,0xc0,0x29

nbaertsch commented 3 weeks ago

Raw binary file. Sounds like you're using Brute Ratel, which I know works. Save the shellcode file and use the raw binary.