PowerSploit – Inject-Shellcode Update

By | August 27, 2012

Source: Exploit-Monday.com

In this article “I just released an updated version of Inject-Shellcode. Significant portions of the code have been cleaned up and its parameters were simplified. While I hate to change the original interface, there were several redundancies in the original parameters that didn’t make any sense. Here is the changelog for this release:
New Features/Changes:

  • Dramatically simplified parameters. Removed redundancies and named parameter sets more appropriately
  • Added ‘Shellcode’ parameter. Now, you can optionally specify shellcode as a byte array rather than having to copy and paste shellcode into the $Shellcode32 and/or $Shellcode64 variables
  • Added ‘Payload’ parameter. Naming is now consistant with Metasploit payloads. Currently, only ‘windows/meterpreter/reverse_http’ and ‘windows/meterpreter/reverse_https’ payloads are supported.
  • Inject-Shellcode will now prompt the user to continue the ‘dangerous’ action unless the -Force switch is provided. Hopefully, this will prevent some people from carrying out stupid/regrettable actions.
  • Added the ‘ListMetasploitPayloads’ switch to display the Metasploit payloads supported by Inject-Shellcode”

Leave a Reply