In this article “I just released an updated version of Inject-Shellcode. Significant portions of the code have been cleaned up and its parameters were simplified. While I hate to change the original interface, there were several redundancies in the original parameters that didn’t make any sense. Here is the changelog for this release:
- Dramatically simplified parameters. Removed redundancies and named parameter sets more appropriately
- Added ‘Shellcode’ parameter. Now, you can optionally specify shellcode as a byte array rather than having to copy and paste shellcode into the $Shellcode32 and/or $Shellcode64 variables
- Added ‘Payload’ parameter. Naming is now consistant with Metasploit payloads. Currently, only ‘windows/meterpreter/reverse_http’ and ‘windows/meterpreter/reverse_https’ payloads are supported.
- Inject-Shellcode will now prompt the user to continue the ‘dangerous’ action unless the -Force switch is provided. Hopefully, this will prevent some people from carrying out stupid/regrettable actions.
- Added the ‘ListMetasploitPayloads’ switch to display the Metasploit payloads supported by Inject-Shellcode”