path: root/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt
author Matt Graeber <mattgraeber@gmail.com> 2013-05-31 19:35:26 -0400
committer Matt Graeber <mattgraeber@gmail.com> 2013-05-31 19:35:26 -0400
commit dfec277813bfbc956dcac45345a9158093d68343
tree f205c4c4d6e81f33ace8086bbf63881ffc12dd51 /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt
parent 6e5338c8a34ade0ec0a4704031109fb5187620f8
Added Invoke-ReflectivePEInjection
Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection is a vast improvement over Invoke-ReflectiveDllInjection. It adds the following features:
* Now supports loading exe files in memory
* Supports reflective dll injection into a remote process
* Additional sample Visual Studio solutions
Diffstat (limited to 'CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt')
-rw-r--r-- CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt | 12
1 files changed, 12 insertions, 0 deletions
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt
new file mode 100644
index 0000000..1454ca8
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt
@@ -0,0 +1,12 @@
+This contains the assembly code I used to build the shellcode the PowerShell script uses. Some of the assembly isn't included beause I didn't save it, this should just be for the SUPER easy stuff like moving an address to EAX and returning.
+
+Compile:
+x64:
+nasm -f elf64 FileName.asm
+ld -o FileName FileName.o
+objdump -M intel -d FileName
+
+x86:
+nasm FileName.asm
+ld -o FileName FileName.o
+objdump -M intel -d FileName \ No newline at end of file
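Review bot: In the x86 section, `nasm FileName.asm` is run without `-f`, so nasm uses its default flat binary format and writes `FileName` rather than `FileName.o`; the next line, `ld -o FileName FileName.o`, then has no object file to link. Suggest `nasm -f elf32 FileName.asm` followed by `ld -m elf_i386 -o FileName FileName.o`, mirroring the x64 steps. In the first line, "beause" should be "because", and since the text says some of the assembly was not saved, it would help to list which shellcode stubs in the PowerShell script have source in this directory so the remaining ones can be checked against a disassembly. The file also ends without a trailing newline.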