Skip to content

@adamkramer adamkramer released this Oct 29, 2014 · 3 commits to master since this release

Changes:

•All work is now done in a working copy file called jmp2it-flypaper.out, so this can be reviewed later without modifying the original file

•A check is now done to make sure the offset provided isn't bigger than the file being opened

Assets 3
Pre-release
Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 5 commits to master since this release

Massive re-write to make it unmanaged code, also a new way of dealing with the pauses (which are now added before the shellcode, rather than swapping bytes of the shellcode out and require them to be put back in by the user)

Also, loads of help data added

Assets 3
Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 6 commits to master since this release

A call to IsDebuggerPresent() is made is pause_int3 option is used to avoid crashes outside of the debugger

Assets 3
Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 12 commits to master since this release

Added functionality to allow adding of an additional file handle.
Useful if the file being analysed was extracted from a larger file, which contains the second stage payload and is being searched for by the shell code via it's handle size etc

Assets 3
Pre-release

@adamkramer adamkramer released this Oct 28, 2014 · 12 commits to master since this release

Added functionality to allow adding of an additional file handle. Useful if the file being analysed was extracted from a larger file, which contains the second stage payload and is being searched for by the shellcode via it's handle

Assets 3
Pre-release
v1
Pre-release

@adamkramer adamkramer released this Oct 27, 2014 · 19 commits to master since this release

V1 - Tested and believed to be working

Assets 3
You can’t perform that action at this time.