breakingmalwareresearch / atom-bombing Goto Github PK
View Code? Open in Web Editor NEWBrand New Code Injection for Windows
Home Page: https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows
Brand New Code Injection for Windows
Home Page: https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows
Hi,
I tried the PoC after understanding how the atom bombing technique works.
However, I ran into a problem when testing the technique. The injection itself works flawlessly. The problem lies in the shell code itself.
The first LoadLibraryA, which tries to load "kernel32.dll", fails (returns 0). When I do a GetLastError, it returns 0x57 = INVALID_PARAMETER. I checked that LoadLibrary is effectively called with the right parameter (cfr. screenshot, taken just before the call to LoadLibraryA).
I think this problem has nothing to do with the injection technique itself. But it puzzles me why this shellcode won't work.
Environment:
C:\Users\IEUser\Downloads\atom-bombing-master\atom-bombing-master\AtomBombingShellcode\Scripts>py Post_Link.py
Traceback (most recent call last):
File "Post_Link.py", line 31, in
main()
File "Post_Link.py", line 8, in main
exe_path = sys.argv[1]
IndexError: list index out of range
Dear BreakingMalwareResearch,
Hope you are fine. How can i use AtomBombing.exe andAtomBombingShellcode.exe in injecting? Could you please explain us?
I tried to go https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows but it is not answering my requests.
Thanks.
hi guys first thanks for this great job but i can't find where i put my own shellcode in main.c "AtomBombingShellcode"folder.. can you help please!
My target process is mspaint.exe, and I use windows 10 x64 (build 14393).
how to use this?
I can't compile the code because AtomBombingShellcode.h is missing. I couldn't find it the repository.
Thanks
Why declare char p[]={‘c’,’s’,’/0’}; are not declared as {“cs”}
Thanks
Hello,
the Code works fine ! But iam new in Cpp, can some one explain me how to add a "Cmd Input" to Check AtomBombing on differrent Exe..
Like:
CHANGEBYUSERINPUT = Input "ENTER EXE TO TEST"
eReturn = main_OpenProcessByName(L"CHANGEBYUSERINPUT" , &hProcess);
i Tried
#include string
#include iostream
string mystr;
cout << "ENTER EXE ";
getline(cin, mystr);
cout << "EXE TO TEST = " << mystr << ".\n";;
How do i add it to
eReturn = main_OpenProcessByName(L"" , &hProcess); ?
Dear enSilo Family,
Hope you are fine. I just wondered Atom Bombing and compiled it from github. I wanted to look commands from cmd but when i entered the command help, it ran and something happened. I couldn't understand because it was in seconds. I showed you in picture below:
Could you please what does it mean? And how can i use it?
Thanks in advance.
Best Regards,
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.