Skip to content

EvilBytecode/Self-Run-PE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
inject.cpp
inject.cpp
 
 
readme.md
readme.md
 
 

Repository files navigation

Self-Run-PE

Self-Run-PE is a Windows-based process injection tool that allocates memory in a remote process and writes a copy of the current process's image into that memory. It uses direct system calls to perform the injection and execute code in the target process. This project demonstrates how to utilize low-level Windows APIs such as NtOpenProcess, NtAllocateVirtualMemory, NtWriteVirtualMemory, and NtCreateThreadEx to achieve process injection.

Features

  • Process Injection: Injects code into a target process by writing the current process's image into the target's memory space.
  • Base Relocation Fixing: Handles base relocations to ensure the injected PE works correctly when mapped at a different base address.
  • Thread Execution: Creates a remote thread in the target process to execute the injected code.

Usage:

.\inject.exe notepad.exe

  • Made by Evilbytecode aka Ebyte

PoC:

image

License

This project is licensed under the MIT License. See the LICENSE file for details.

About

Self PE Injector in C++, using NtApi.

Resources

Readme

License

View license
Activity

Stars

12 stars

Watchers

2 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages