RS-Shellcode : A Comprehensive Guide To Shellcode Execution With Rust

Dive into the world of cybersecurity with “RS-Shellcode,” a robust shellcode runner crafted in Rust. This tool leverages the windows-rs library to efficiently execute shellcode on Windows platforms.

Ideal for security researchers and penetration testers, RS-Shellcode simplifies the process of testing and debugging shellcode, enhancing your exploitation toolkit.

A shellcode runner write in Rust use windows-rs.

how To Use It

Install rustup, use nightly toochain.

rustup default nightly

Use msfvenom generate shellcode for test.

msfvenom -p windows/x64/exec CMD=calc.exe  --platform win -f raw -o calc64.raw

Build:

cargo build

Usage:

rs_shellcode 

USAGE:
    rs_shellcode.exe [FLAGS] [OPTIONS] -f <file>

FLAGS:
    -b               set breakpoint in debugger
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -f <file>          shellcode path
    -o <offset>        shellcode offset

Run:

./target/debug/rs_shellcode.exe -f <SHELLCODE_PATH>

When your shellcode not start at offset 0, you can specify the offset use -o:

./target/debug/rs_shellcode.exe -f <SHELLCODE_PATH> -o 0x30

Run with breakpoint flag (-b):

./target/debug/rs_shellcode.exe -f <SHELLCODE_PATH> -b

Pool Party RS : Leveraging Windows Thread Pools For Advanced Process Injection

February 18, 2025

In "Cyber security"

RWX_MEMORY_HUNT_AND_INJECTION_DV : Exploiting OneDrive.exe To Inject Shellcode Without New RWX Allocations

January 13, 2025

In "Exploitation Tools"

Mshikaki – Advanced Shellcode Injection Tool for Bypassing AMSI

September 28, 2023

In "Exploitation Tools"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.