Code Monkey home page Code Monkey logo

Comments (8)

idiom avatar idiom commented on August 15, 2024

Thanks @itripc taking a look.

from blobrunner.

itripc avatar itripc commented on August 15, 2024

Appreciated idiom

from blobrunner.

idiom avatar idiom commented on August 15, 2024

Tested and this works as expected. Can you try the following

  1. Run:
    bloblrunner.exe shellcode3_actual_meterpreter.bin

This will display the offset of the allocated memory. Example:

[*] Entry: 0x000c0000

  1. Open your debugger and attach to the blobrunner.exe process.
  2. Navigate to the above address (ctrl-g if you are using x64dbg) and set a breakpoint (f2)
    In your sample this should be
FC                       cld          ;  <-- Add Breakpoint here
E8 82 00 00      call C0088
60                       pushad

4 Resume the process in the debugger.
5. Now press enter in the Blobrunner console window to resume execution.

This will break at the first instruction of the loaded shellcode where you placed the breakpoint.

from blobrunner.

idiom avatar idiom commented on August 15, 2024

@itripc Also here is a short video explaining using it - https://www.youtube.com/watch?v=q9q8dy-2Jeg

from blobrunner.

itripc avatar itripc commented on August 15, 2024

Funny I was using x64dbg and it seemed to work fine in x64 but the issue was with IDA remote dbg, I couldnt get the offset to line up in segments. The video is great watched it yesterday thanks.

from blobrunner.

idiom avatar idiom commented on August 15, 2024

Hey, I just tested with Ida - remote debugging and it should also work using the same method as above. When you navigate to the offset, you will need to convert it to code and then set the breakpoint, the shellcode should be written to the start of the allocated region.

Are you seeing it written at the end?

Here is an example where I renamed the region to shellcode and have it set as executable.
image

from blobrunner.

itripc avatar itripc commented on August 15, 2024

from blobrunner.

idiom avatar idiom commented on August 15, 2024

Great! If you have any questions feel free to reach out

from blobrunner.

Related Issues (10)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.