my shellcode run, but the src exe cann't execute about binjection HOT 8 OPEN

@qiushifengyu I'm assuming you're injecting into a PE for Windows, because you said exe. On Windows, binjection will automatically add a JMP back to the original entry point to the end of your shellcode.

This is where the injection is happening:.
And this is the shellcode that is being appended to your shellcode.

There are two possibilities I can see:

1. Your shellcode does not make it all the way to the JMP being added to the end of it. This is the most common cause of the issue you're describing. Perhaps your code is crashing or looping or attempting to RET to nowhere?
2. The JMP being appended is actually running, but crashing or attempting to jump to the wrong address.

Are you able to step through the binjected binary in a debugger and see which of these is the case?

Thanks!

from binjection.

yes,I see.thank you very much,I will debug my shellcode。
thanks!

from binjection.

@qiushifengyu Please let me know which of those it turns out being. If it's number 1, I'll close the issue, but if it's number 2, I'll have to fix something :)

from binjection.

thanks a lot, I debuged my sc.I have RET before before jmp back. I use the SRDI make my dll to shell code

from binjection.

is the code cave completed?

from binjection.

Code cave detection is implemented, but not actually used for Windows. In our experiments, we found that changes to the windows compiler have basically removed most simple (continuous) code caves from PE binaries. We have not implemented code cave chaining yet, which is the only thing that might work on some programs.

The method we're currently using adds a new section. This seems to be the most stable.

from binjection.

yes，it is seems to be the most stable, but can't bypass AV

from binjection.

@awgh First of all thank you and your team for binjection! 😊

I'm running into the same problem as @tooBugs: Shell code runs, but source file won't be executed

What's weird is that shell code and source file are both simple hello world programs, which work individually and don't crash.

Here are the steps to reproduce:

1. Build this repo with make: https://github.com/1mansh0w/binjection-hello-world
2. Create shell code with donut: donut ~/hello.x64.exe
3. Inject shell code in source file with binjection: binjection -f ./hello.x64.exe -s ./loader.bin -o no_luck.exe
4. Execute no_luck.exe on Windows 10 -> only shell code get's executed

I thought that maybe the source file cannot print the string to stdout, but is actually running - therefore I also tried an executable that creates a file, but also that didn't happen. The executable works fine individually.

Do you know what the issue could be here?

Thanks!

from binjection.