A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.
The original technique uses ROP chains to call VirtualProtect, as I am only passing the first three parameters to VirtualProtect using the NtQueueApcThread the stack may be corrupt. Needs further investigation.
**Message**
"Arithmetic operation resulted in an overflow." string
**Source**
"mscorlib"
**StackTrace**
"at System.IntPtr.op_Explicit(IntPtr value)\r\n at ShellcodeInjectionTechniques.AtomBomb.Run(Process target, Byte[] shellcode) in C:\\Users\\John\\source\\repos\\ShellcodeInjectionTechniques\\ShellcodeInjectionTechniques\\Techniques\\AtomBomb.cs:line 110\r\n at ShellcodeInjectionTechniques.Program.Main(String[] args) in C:\\Users\\John\\source\\repos\\ShellcodeInjectionTechniques\\ShellcodeInjectionTechniques\\Program.cs:line 43"
Atom Bombing Technique
Sometimes this line throws an overflow exception:
The original technique uses ROP chains to call
VirtualProtect
, as I am only passing the first three parameters toVirtualProtect
using theNtQueueApcThread
the stack may be corrupt. Needs further investigation.