Hey Guys, so I am trying to execute a shellcode (from metasploit) via .dll specifically what I did so far was to create my custom DLL via C and with the "Entry Point". That didn't work with the shellcode(although the code itself was correct, tested with Message box) so I tried a different technique, created a thread, allocate memory space with the shellcode size and so on. This time I decided to use publicly available code instead of creating my own, here is the URL for the code - https[:]//gist[.]github[.]com/securitytube/c956348435cc90b8e1f7
This time for execution I did "rundll32.exe DLL.dll,(random)" for execution instead of specifying the EntryPoint. The thing is that I specifically want to try executing the .dll with the rundll32.exe manually which will have the metasploit module of windows/meterpreter/reverse_tcp_rc4
Things I did for figuring out the problem:
Compiled and tested with simple .exe didn't work
Tried other modules' shellcods, again, didn't work
Viewed for connection via TCPView, no connection initiated
Hosts have perfect routing between each other nothing interferes
Obviously had handler listening for the connection
Note:The thing is that every time I run the code with rundll32.exe for couple of seconds I can see the "mouse pointer loading" so I really don't know what should I do to fix the problem. It's either I do not understand the concept and the problem is obvious or I just miss something. Anyways, I would really appreciate if you could help me with something :) Thank you in advance
[link] [comments]
from hacking: security in practice https://ift.tt/bqEnIlX
Comments
Post a Comment