@adamkramer adamkramer released this Oct 29, 2014 · 3 commits to master since this release

Assets 3

Changes:

•All work is now done in a working copy file called jmp2it-flypaper.out, so this can be reviewed later without modifying the original file

•A check is now done to make sure the offset provided isn't bigger than the file being opened

Pre-release
Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 5 commits to master since this release

Assets 3

Massive re-write to make it unmanaged code, also a new way of dealing with the pauses (which are now added before the shellcode, rather than swapping bytes of the shellcode out and require them to be put back in by the user)

Also, loads of help data added

Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 6 commits to master since this release

Assets 3

A call to IsDebuggerPresent() is made is pause_int3 option is used to avoid crashes outside of the debugger

Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 12 commits to master since this release

Assets 3

Added functionality to allow adding of an additional file handle.
Useful if the file being analysed was extracted from a larger file, which contains the second stage payload and is being searched for by the shell code via it's handle size etc

Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 12 commits to master since this release

Assets 3

Added functionality to allow adding of an additional file handle. Useful if the file being analysed was extracted from a larger file, which contains the second stage payload and is being searched for by the shellcode via it's handle

Pre-release
v1
Pre-release

@adamkramer adamkramer released this Oct 27, 2014 · 19 commits to master since this release

Assets 3

V1 - Tested and believed to be working