First of all, many thanks to @fancy__04 for reporting this issue.
So basically in ‘Manual Mode’ there is a bug when attempting to redefine a custom payload in case the first attempt failed, for any reason that might be.
A simple example of when that can be caused, is by mistyping the filename of the custom payload.
The bug relies in the fact that the buffer holding the previous name is not re-initialized. This means that if the next filename is shorter than the previous one, then the extra characters of the previous name will remain ‘appended’ in the current one.
This basically would lead again to an invalid name until another valid filename longer or equal to the first one is set. This does not apply in ‘Auto Mode’ as there the buffer is correctly re-initialized when needed.
A fix for this issue will be applied in the upcoming Shellter v6.8.
Cheers,
kyREcon
Howdy!
So here is what’s being happening at the moment regarding Shellter and the upcoming Shellter Pro.
I am currently testing Shellter v6.8 where some minor updates have been applied. The most important one is regarding the ––reflective argument. The command line parser will perform a couple of extra validation checks to ensure that it has been used correctly.
Regarding Shellter Pro, there is some substancial progress with it. It has been a bit slow as my free time is limited, but I am planning to boost a bit its development quite soon.
I am currenty testing a couple of really unique features that you have never seen before in a shellcode injector and/or PE infector of any type.
Furthermore, there is also a lot of work in automating more things in it which will make its usage faster…like a lot faster!
I wish I could reveal more, but I prefer to surprise you when the times comes.
Cheers,
kyREcon