WinAPI is EASY | Embedding Shellcode in .text, .data, and .rsrc
- Published 1 Oct 2024
- Hey Hackers!
MalwareDNA: github.com/Cos...
I hope you enjoyed the video. If you have any questions make sure to leave them in a comment down below. You can also contact me through my website on the "Contact and Information" page or on my discord server.
Want to support CCS?:
Happy Hacker: cosmodiumcs.co...
GoFundMe: www.gofundme.c...
Socials:
Website: cosmodiumcs.com
Instagram: / cosmodium.cs
GitHub: github.com/Cos...
Discord: / discord
Make sure to like and subscribe!
Happy Hacking!
As one wise man once said: "YEEAAA BABY, THATS WHAT I HAVE BEEN WAITING FOR, THAT IS WHAT ITS ALL ABOUT, WHOOOOOO"
hello
Fooo💀💀
First of all, thank you so much for this playlist. There are so many paid courses n stuff online, but it's great to see that you are doing this for free (Gigachad move).
There is one crucial problem I want to point out. As of now (28 January 2024) if you launch vscode from the native tools command prompt and then compile your malware, it will compile without any errors and execute the shellcode but the shellcode will not open up notepad or do the action it is intended to perform. For it to work, you need to launch vscode by using the Developer command prompt. Open the developer command prompt for vscode and then run the command `code` to open vscode. Now when you execute your malware, the shellcode will run properly.
I compiled the same malware using the native tools cmd like 2 months ago and everything was working fine. But now, suddenly it decided to stop working so yeah, after pulling my hair out for like 4 hours, I figured out that the developer command prompt for vscode is the solution. Thanks!
Dude!!! Thanks for bringing this to my attention (and all the kind words 🫶🏽). I’ll be sure to put a notice out
Fiinnalllyyyyyy another cosmodium video, i love the content keep up the good work 💯🔥🔥
🫡
am CyberSecurity 😆
So basically the whole idea to embed shellcode is to allocate memory, load it without raising any red flags (RW only), change the rights to EW and make a thread. Is this the whole concept of shellcode on repeat? What do I mean by that? Is this the whole idea of working with WinAPI and Shellcode? Great video btw!
Hey! I’m unsure on what u mean by “repeat”, but the program will wait for the thread (basically a task being run by the process) to finish executing.
@CosmodiumCS by "on repeat", I mean that this is how you should embed shellcode? Is this the only way to do it or are there any other approaches?
a fan here. Thank you so much for putting this video together!
Glad you enjoyed it!
ur using gigachad c++ command lines, not using vscode 2022 to do it for ya. linux is the best distro, I love it man. its really great, good practice cuz u understand what happens under the hood instead of just clicking buttons. example: when u create an obj file and then link it into an executable, that lets u understand the compilation process, how a c++ file turns into an .exe file. really, thank u
lmfaoo! i appreciate the sentiment.
@CosmodiumCS i do the same:
# create rc file using:
- new-item filename.rc
- #define id of resource : #define SC_ICON 1337
- link file of the resource : SC_ICON RCDATA "notpad.ico"
- import SC_ICON into ur malware file
# initialisation of rc using:
- rc filename.rc (should create filename.res)
# convert resource to object file:
- cvtres /MACHINE:X64 /OUT:filename.o .\filename.res
# compile it:
- cl.exe /nologo /GS- /DNDEBUG /Tpsection_rsrc.cpp /link /OUT:section_rsrc.exe /SUBSYSTEM:CONSOLE /MACHINE:X86 rsrc.o
- note that lp for c++ and lc for c : /Tpsection_rsrc.cpp
THIS IS AWESOME 🎭
Any have any social media account like facebook whatsapp hacking tools. And not phishing
Is this a long video or a short movie? I can't wait to give this a watch.
lmfaoo, trust me, you’ll enjoy it! It's prolly one of the best ways to learn winapi‼️‼️
Error Memory Access Violation 😞, how to fix?
Whats your vscode theme name? :D
It’s like..Dark Ocean or something like that lmfao😆🤷🏽‍♂️
Use this tutorial and get Caught 🤣🤣🤣🤣🤣
Such a great video, keep it up.
I have one question, how did you build the exe file, I mean as x86 or 64? Cz I am trying to build in Microsoft Visual Studio and it successfully built but isn't working. Also the Windows SDK version you used compiling it. Please.
Hi, Initially the same happened with me, I was able to compile it, but the shellcode didn't execute. Actually shellcode and executable both were not 32 bit, so while compiling I specified an option /arch:IA32 to compile into 32 bit executable and it worked perfectly. I hope it helps.
I've discovered this channel today and I have found it very nice with a lot of topics covered. I am actually a beginner in malware development and your videos are useful for people like me who want to learn about coding malwares. Thank you a lot!
Of course!
Why did you use "RtlMoveMemory" instead of "WriteProcessMemory"?
just out of curiosity
I'm lazy, has fewer arguments 😂. Jokes aside, I figured it's better for beginners who are just starting with the winapi
As a beginner in this field, your explanation is the best, thank you.
Happy it helped, man! :)
TY
🤯
Awsomeee thanks you so muchhh
u are a genius bro I follow u 💥
Insane!
Bro you’re an absolute legend.
right back at ya!
I fukin love this video
Sahweeet!
Great Tut
You are literally a great teacher. It's been 11 pm and I was about to go to sleep but here I am watching your videos with full enjoyment and enhancing my skills. Please keep up with these nice contents. Love from Nepal. (Wait what's the shortcut for emojis in PC 😭😭😭😭)
Hahaha! Thanks so much, really happy to hear you’re getting a lot from it :D