I'm not sure what you mean here. But the KMD shellcodes are found here: https://github.com/ufrisk/pcileech/tree/master/pcileech_shellcode
There is some documentation here: https://github.com/ufrisk/pcileech/blob/master/pcileech_shellcode/info_kmd_core.txt
In general those shellcodes are inserted with some help from PCILeech, which will feed correct addresses into some places, and PCILeech will also insert the hook that will hijack execution for a short while.
The shellcodes in general load via stage1, stage2 (which will also spawn a system thread) which will be used to execute the stage3 shellcode.