Skip to content
/ POC-Mockingjay Public

Implementation of the Process Injection described in the article "Process Mockingjay : Echoing RWX In Userland To Achieve Code Execution"

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

b6e4n/POC-Mockingjay

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
mockingjay_poc
mockingjay_poc
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
mockingjay_poc.sln
mockingjay_poc.sln
 
 

Repository files navigation

POC-Mockingjay

Implementation of the Process Injection described in the article "Process Mockingjay : Echoing RWX In Userland To Achieve Code Execution"

The particularity of this PE is to avoir EDR/AV hooking on typical WinAPI32 functions used for typical process injection. Here, a DLL with already a RWX memory section is used to inject the shellcode.

Source : https://www.securityjoes.com/post/process-mockingjay-echoing-rwx-in-userland-to-achieve-code-execution

Thanks to the OnlyMalware Discord (cc ewby)

Shellcode : Pop a calc.exe

About

Implementation of the Process Injection described in the article "Process Mockingjay : Echoing RWX In Userland To Achieve Code Execution"

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages