Skip to content
/ Code-Cave Public

Injects position-dependent code into a code cave in an executable file, and applies relocations.

19 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ryan-weil/Code-Cave

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
Code Cave
Code Cave
 
 
Shellcode
Shellcode
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
Code Cave.sln
Code Cave.sln
 
 
README.md
README.md
 
 

Repository files navigation

Code-Cave

It is simple to inject shellcode (position-independent code). However, I have not seen an example where someone injects position-dependent code (which requires relocations). This project injects a MessageBox into a code cave (a gap of unusued bytes) in an executable file, and applies relocations to the injected code.

Notes

The file must already have the API (MessageBoxA) in its Import Address Table. Injecting the import into the IAT of the file may be possible but is incredibly complicated to do. It would require a large amount of adjustments to the other sections and offsets/addresses. At that point, it would be much more logical to write position-independent code.

Screenshots

Demo injection into putty:

About

Injects position-dependent code into a code cave in an executable file, and applies relocations.

Topics

injection hacking shellcode payload relocation code-cave codecave

Resources

Readme
Activity

Stars

19 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages