test_script_shellcode_generator



zimmaro
11-18-2011, 09:27 AM
hi, guys!:)
In this video I tested a script (shellcode generator) found on a very interesting and prepared "website":
http://www.coresec.org/2011/11/09/fud-payload-generator-for-backtrack/
Its name is FUD. Invitation to "visit" & "see" prior to any "LOOK" at my videos!
From what little I know! I find the script of "slight similarities" to that of our friend LHYX1:
http://www.backtrack-linux.org/forums/showthread.php?t=43064&highlight=create+trojan.sh

if you want to watch my "video": http://vimeo.com/32229987
thanks!:)
zimmaro

eastman47
11-19-2011, 02:02 PM
that was great mate 10/10

Scamentology
11-19-2011, 09:43 PM
This script needed some "adjusting" but works well. I have been using the ming gcc for some time now. I like it for this purpose.

Have you found a way to use this encoding method with the -k -x /file/file.exe switch? I tried several encoding schemes but got sidetracked.
This would fix the one huge flaw with this script without having to repack it with upx.

zimmaro
11-20-2011, 12:14 AM
hi, scamentology :)
I'm sorry I do not have the skills, knowledge & skills to do certain tests and give the "right answers" (I just wanted to know the friends of the forum, the existence of this script!)
the reference to options -k -x are reported to "work msfencode"?
if yes : I thought that these two options (msfencode) needed already .executable
thanks! for your interesting :)
zimmaro

Scamentology
11-20-2011, 07:19 AM
I use a reworked version of this script and was looking to add features to it. The -k in msfencode is to inject the payload instead of running in the original process (this is why the DOS window stays open when you run it). The -x is just for the file to put the payload into. When I try different encoding schemes (that avoid AV detection) the payload "dies". I will find one that works and post eventually.

Thanks for sharing the script. I am always hunting for good script ideas.

zimmaro
11-20-2011, 07:54 AM
hi,Scamentology :)
ok I think I "have understood" your "purpose"! the only thing that my "buggy-head" can afford to say: good luck for your work!! bro:)
thanks!
zimmaro-the GOAT!!!

goopylove91
11-20-2011, 04:30 PM
hi zimmaro
can you help me how to get "./fud.sh" in not backtrack 5

zimmaro
11-21-2011, 01:30 AM
hi,
you're right! for script you must copy and paste on the "website" (in the video I skipped this part) I have not posted the script for the respect of others' work!
bye!.)

m0j4h3d
11-28-2011, 08:06 PM
nice ;) .. but it seems that the process window of the payload is still on the screen !!
so any idea

m0j4h3d
11-28-2011, 08:09 PM
done ;) .. gd work boys

zimmaro
11-28-2011, 10:25 PM
hi,m0j4h3d:)
thanks!!but the merit is not mine
credits to www.coresec.org & Astr0baby !!!!:)