nariod / rustpacker Goto Github PK

Large shellcode such as Sliver ones (~20Mo) add up to ~80Mo in the Rust main.rs file. When compiled, the compiler is killed with SIGKILL because of enormous RAM consumption.

The compilation of the RustPacker project and the shellcode packing operation work fine.
But when I execute the resulting PE (the packed shellcode) on a Windows 10 machine, nothing happen. No error, no output, no callback. On a Windows 11 machine the PE works fine.

How I generate my shellcode : generate --http 192.168.1.79:80 --evasion -f shellcode

I have also tried to "simplify" the shellcode but it doesn't change anything (generate --http 192.168.1.79:80 -f shellcode -G -l to disabled the evasion, the symbol obfuscation and the shikata ga nai encoding).

How I run RustPacker : RustPacker.exe -f .\SHELLCODE.bin -i syscrt -e aes

It worth to note that the issue appears with all the template, not only syscrt.

• Can you make it crypt exe files
• Or
• Make it Work as persistent reverse shell so we dont lose connection to our victim
• Good Work Keep Up ♥

Hey Nariod,
Do have any guide/idea of porting different APIs to be used with compatible paramters? I am using rust_syscalls in one of my projects. I have seen your issue there regarding same problem of using NtCreateThreadEx. I am looking for ways to use right types of args in function calls, i see you have achieved that in your project.

Thankyou.

I am also doing this kind of packer recently, maybe my repo will be of some help
https://github.com/b1nhack/rust-shellcode

Todo : Add compilation from Windows support