Dude where were you? I am hooked on your videos 😂. As usual an excellent content produced.
I am back man, thank you for the support!
Holy shit!!! I'll test it. It's such a powerful feature in real hacking. Thanks for sharing!!!
Very useful! Great video
is it also possible to get the raw shellcode from an exe file with donut? looking to write my first dropper and pasting my shellcode directly into my loader was my first choice, any idea on how i can get raw shellcode out of mythic?
A lot of shellcodes are from donut. You can generate shellcodes from Apollo agent. Make sure to specify shellcode when generating one, and rename the out file as .bin
your kali customization is fucking gorgeous
Thanks man, I am always changing it, now I'm using an i3 config, will show it in the next video
awesome video and awesome tool
i've been trying so hard to install it in kali linux how is it possible any tips? i cloned it first then i used make then ./donut won't work
Did you try downloading the released precompiled binary?
@Lsecqt how would i use a precompiled binary on linux
Nice but can you make another video where you make your own injector or possibly edit that one so you can specify the process name then it finds the PID and injects into it and instead of the base64 shell code you have it generate the C shell code in the \x00 Endian format?
Say no more!
a question, How to do the same process but with output to HEX?
With Donut I think you should modify the source code, I do not think there is an option to output into hex.
@Lsecqt yes there is bro
13:58 PID for explorer.exe is 5280, but you said 5208 (This is what happened when you watch the same video over and over again :D)
Thanks for the correction, will do better next time. Appreciate it!
WOW!
WINRAR in 2024?
Why not
@Lsecqt 7ZIP?
Cool video, can you show a similar example, donut with other available .exe such as mimikatz.exe, rubeus.exe, or sharphound.exe?
Could try yea!