FEATURE
- The shellcodified module keeps a state informing whether it was executed, etc
- Added: DLL detach, that allows to cleanly finish execution of a shellcodified DLL
- the shellcodified DLL can be detached simply by a second run (while the first run calls
DllMainwithDLL_PROCESS_ATACH, the second calls it withDLL_PROCESS_DETACH)
- the shellcodified DLL can be detached simply by a second run (while the first run calls
The package contains:
- pe2shc.exe - PE to shellcode converter (supports both 32 and 64 bit PEs)
- a utility to run/test shellcode (loads and deploys):
- runshc32.exe - for 32-bit shellcodes
- runshc64.exe - for 64-bit shellcodes
- a utility to inject shellcode into a given process:
- injector32.exe - for 32-bit shellcodes
- injector64.exe - for 64-bit shellcodes