Need help with SharpZipRunner?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

jfmaes
173 Stars 20 Forks GNU General Public License v3.0 5 Commits 0 Opened issues

Description

Executes position independent shellcode from an encrypted zip

Services available

!
?

Need anything else?

Contributors list

No Data

SharpZipRunner

Executes position independent shellcode from an encrypted zip Get PIC code from your assembly either by using donut or metasploit or cobaltstrike RAW format.

zip the .bin file and encrypt it with a password, this assembly decrypts the zip entry in memory and executes it using D/Invokes injection API.

capable of injecting in a running process, or by creating a new process first and injecting into the newly created process. injection in itself should theoritically be possible, but causes crashes. as injecting into yourself is not really what I wanted to achieve here, did not really try to fix that issue.

tested by dropping the encrypted zip on disk, but could probably also work entirely in memory with some modifications. only supports PIC payloads, tried creating a runPE variant but failed miserably :)

 ___  _                   ____ _       ___
/ __>| |_  ___  _ _  ___ |_  /<_> ___ | . \ _ _ ._ _ ._ _  ___  _ _
\__ \| . |<_> || '_>| . \ / / | || . \|   /| | || ' || ' |/ ._>| '_>
<___ _ an encrypted zip on your computer what could possibly go wrong usage: the path disk to specific entry put in mem if not provided assumes only one is present password of process inject into used will self recommended create a new and injects that argument shows this menu>

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.