Shellcode Template : An Easily Modifiable Shellcode Template For Windows X64/X86

Shellcode Template is heavily based on Austin Hudson’s (aka SecIdiot) TitanLdr It compiles the project into a PE Executable and extracts the .text section

Example

The entry point of the shellcode looks like this. Of course, this can be changed for your need. First we need to initialize needed libraries and functions by using our custom written GetModuleHandle and GetProcAddress.

SEC( text, B ) VOID Entry( VOID )
{
INSTANCE Instance = { };
Instance.Modules.Kernel32 = TGetModuleHandle( HASH_KERNEL32 );
Instance.Modules.Ntdll = TGetModuleHandle( HASH_NTDLL );
if ( Instance.Modules.Kernel32 != NULL )
{
// Load needed functions
Instance.Win32.LoadLibraryA = TGetProcAddr( Instance.Modules.Kernel32, 0xb7072fdb );
// Load needed Libraries
Instance.Modules.User32 = Instance.Win32.LoadLibraryA( GET_SYMBOL( “User32” ) );
if ( Instance.Modules.User32 != NULL )
{
Instance.Win32.MessageBoxA = TGetProcAddr( Instance.Modules.User32, 0xb303ebb4 );
}
}

Btw as you can see we can use normal strings in our shellcode. This is because we include the .rdata section into our shellcode at linking time. And GET_SYMBOL gets the pointer to the function or string via its relative offset to GetRIP()

Get Started

Clone this project and you are ready to start

git clone https://www.github.com/Cracked5pider/ShellcodeTemplate

Next you would need to change the project name in the makefile from ShellcodeTemplate to whatever you want Then you can compile the project by using make

make // to compile x64 and x86
make x64 // to compile only x64
make x86 // to compile only x86