frkngksl / shoggoth Goto Github PK

I'm using two-layer shellcode injection. (program.exe -> inject(loader_shoggoth_shellcode) -> inject(payload_shoggoth_shellcode)). So I'm just trying to inject shellcode from another shellcode. First injection is ok, but when my loader injecting main payload it just do nothing. Works fine if payload is not morphed with shoggoth

I attach the error that is generated during linking. The error appears when using cmake and then make to build the project. I used cmake-converter to convert Shoggoth.sln to CMakeLists.txt, so I could use cmake and make for compilation. Did I do something wrong in the process? Win10 and MinGW compiler

Thanks!
error.txt

SO: Windows 11 Home
Compilers: MinGW LLVM, Visual studio C++ compiler.

Hi, I want to ask for help 'cause I tried the program and it showed me the error that says in the title of the Issue, is an error that appears when the the output of the polymorphic engine is executed. The parameters were the following: Input; A x64 exe file compiled with MinGW LLVM, a hello world program, Output: Un simple out.exe file with the path of downloads folder and the mode selected was PE, I also tried the COFF and RAW modes, also I tried compiling the project of Shoggoth in x86 and x64 and Shoggoth was compiled with visual studio, but nothing worked, I would like help. If information is needed there is no problem and I will proportionate it.

Encrypting it won't work

hello
I am trying to inject shellcode into a normal pe and then modify the entry point so that the pe file executes the shellcode I inserted

The tools I use are https://github.com/XaFF-XaFF/CaveCarver

CaveCarver.exe path_to_exe path_to_shellcode

I tried cobalt strike generated stager shellcode and it worked fine
But when I encrypted stager shellcode with your tool and inserted it with CaveCarver tool again, it couldn't work properly. I have tried multiple tools similar to CaveCarver.

I see that the encrypted sections are given normal permissions, so why did they fail?

Hello,

Im using this loader https://github.com/f1zm0/hades my my "payload.bin" is calc.exe generated with donut.
If im using "Shoggoth.exe --input payload.bin --output output.bin -m raw --dont-do-first-encryption --dont-do-second-encryption"
It will work and i see the calculator, but if i do it without "--dont-do-first-encryption --dont-do-second-encryption" nothing happens.

Win10 Virtual machine latest updates