A small piece of shellcode written in assembler that can scan the user-land
address space for small blocks of memory ("eggs") and recombine the eggs into
one large block. When done, the large block is executed. This is useful when you
can only insert small blocks at random locations into a process and not one
contiguous large block containing your shellcode in one piece: this code will
recombine the eggs to create your shellcode in the process and execute it.

This version works only on Windows 32-bit platforms because it uses the Windows
specific Structured Exception Handler (SEH) feature to handle access violations
caused by scanning memory.

More details can be found here:

http://skypher.com/wiki/index.php?title=Shellcode/w32_SEH_omelet_shellcode
http://code.google.com/p/w32-seh-omelet-shellcode/
backup: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13507-1.zip (2009-w32-SEH-omlet-shellcode-v0.2.zip)
backup: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13507-2.zip (2009-w32-SEH-omlet-shellcode-older-versions.zip)

I have not had a chance to test this newer version in a live exploit, so do
let me know if you have a chance to use it.

Cheers,
SkyLined

# milw0rm.com [2009-03-16]