Skip to content
/ python-bof-runner Public

Python inline shellcode injector that could be used to run BOFs by leveraging BOF2shellcode

License

MIT license
5 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

naksyn/python-bof-runner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
bof-runner.gif
bof-runner.gif
 
 
injector.py
injector.py
 
 

Repository files navigation

python-bof-runner

Python inline shellcode injector that could be used to run BOFs by leveraging BOF2shellcode

Python can be used to run Cobalt Strike's BOFs by using previous work from Trustedsec and FalconForce, one can pick a BOF and use BOF2Shellcode to embed the shellcode in a python injector.

HowTo

  1. clone bof2shellcode

  2. grab an x64 BOF

  3. create the shellcode blob containing the converted BOF and COFFloader:

python3 ./BOF2shellcode/bof2shellcode.py -i ./bofs/tasklist.x64.o -o ./scodes/tasklist.x64.bin

  1. make tasklist.x64.bin easily pastable:

msfvenom -p generic/custom PAYLOADFILE=tasklist.x64.bin -f python > sc_tasklist.txt

  1. paste she shellcode in the injector and update the code accordingly

Demo

About

Python inline shellcode injector that could be used to run BOFs by leveraging BOF2shellcode

Topics

python injection shellcode cobalt-strike bof

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages