├── .gitignore ├── DotNet ├── App.config ├── DotNet.csproj ├── Program.cs └── Properties │ └── AssemblyInfo.cs ├── FunctionTest ├── FunctionTest.cpp ├── FunctionTest.vcxproj ├── FunctionTest.vcxproj.filters ├── stdafx.cpp ├── stdafx.h └── targetver.h ├── LICENSE ├── Native ├── Loader.cpp ├── Native.vcxproj ├── Native.vcxproj.filters ├── stdafx.cpp ├── stdafx.h └── targetver.h ├── PowerShell └── ConvertTo-Shellcode.ps1 ├── Python ├── ConvertToShellcode.py ├── EncodeBlobs.py ├── Python.pyproj ├── ShellcodeRDI.py ├── pefile.py └── peutils.py ├── README.md ├── ShellcodeRDI.sln ├── ShellcodeRDI ├── 64BitHelper.h ├── AdjustStack.asm ├── GetProcAddressWithHash.h ├── ShellcodeRDI.c ├── ShellcodeRDI.vcxproj ├── ShellcodeRDI.vcxproj.filters ├── function_link_order.txt └── function_link_order64.txt ├── ShellcodeRDITest ├── ReadMe.txt ├── ShellcodeRDITest.cpp ├── ShellcodeRDITest.vcxproj ├── stdafx.cpp ├── stdafx.h └── targetver.h ├── TestDLL ├── ReadMe.txt ├── Resource.rc ├── TestDLL.cpp ├── TestDLL.vcxproj ├── TestDLL.vcxproj.filters ├── dllmain.cpp ├── resource.h ├── stdafx.cpp ├── stdafx.h └── targetver.h ├── Tests ├── Convert.py ├── ConvertCalc.bat ├── ConvertCmdDll.cmd ├── ConvertCmdExe.cmd ├── ConvertHex2bin.cmd ├── ConvertMimikatz.cmd ├── ConvertNotepad.cmd ├── Executables │ ├── calc.exe │ ├── cmd-dll_v0_0_1 │ │ ├── cmd.c │ │ ├── cmd.dll │ │ ├── cmd.rbuild │ │ └── main.c │ ├── cmd.exe │ ├── hex2bin.exe │ ├── mimikatz_trunk │ │ ├── README.md │ │ ├── Win32 │ │ │ ├── mimidrv.sys │ │ │ ├── mimikatz.exe │ │ │ ├── mimilib - Copy.dll │ │ │ ├── mimilib.dll │ │ │ ├── mimilib.dll.bak │ │ │ ├── mimilib.idb │ │ │ └── mimilove.exe │ │ ├── kiwi_passwords.yar │ │ └── mimicom.idl │ └── notepad.exe └── Shellcode │ ├── Calc.bin │ ├── CmdDll.bin │ ├── CmdExe.bin │ ├── Mimikatz.bin │ ├── hex2bin.bin │ └── notepad.bin ├── bin └── .gitignore └── lib ├── PowerShell ├── Get-FunctionHash.ps1 ├── Get-LibSymbols.ps1 ├── Get-ObjDump.format.ps1xml ├── Get-PEHeader.ps1 └── Out-Shellcode.ps1 └── Python └── FunctionToHash.py /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/.gitignore -------------------------------------------------------------------------------- /DotNet/App.config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/DotNet/App.config -------------------------------------------------------------------------------- /DotNet/DotNet.csproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/DotNet/DotNet.csproj -------------------------------------------------------------------------------- /DotNet/Program.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/DotNet/Program.cs -------------------------------------------------------------------------------- /DotNet/Properties/AssemblyInfo.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/DotNet/Properties/AssemblyInfo.cs -------------------------------------------------------------------------------- /FunctionTest/FunctionTest.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/FunctionTest/FunctionTest.cpp -------------------------------------------------------------------------------- /FunctionTest/FunctionTest.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/FunctionTest/FunctionTest.vcxproj -------------------------------------------------------------------------------- /FunctionTest/FunctionTest.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/FunctionTest/FunctionTest.vcxproj.filters -------------------------------------------------------------------------------- /FunctionTest/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/FunctionTest/stdafx.cpp -------------------------------------------------------------------------------- /FunctionTest/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/FunctionTest/stdafx.h -------------------------------------------------------------------------------- /FunctionTest/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/FunctionTest/targetver.h -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/LICENSE -------------------------------------------------------------------------------- /Native/Loader.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Native/Loader.cpp -------------------------------------------------------------------------------- /Native/Native.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Native/Native.vcxproj -------------------------------------------------------------------------------- /Native/Native.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Native/Native.vcxproj.filters -------------------------------------------------------------------------------- /Native/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Native/stdafx.cpp -------------------------------------------------------------------------------- /Native/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Native/stdafx.h -------------------------------------------------------------------------------- /Native/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Native/targetver.h -------------------------------------------------------------------------------- /PowerShell/ConvertTo-Shellcode.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/PowerShell/ConvertTo-Shellcode.ps1 -------------------------------------------------------------------------------- /Python/ConvertToShellcode.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Python/ConvertToShellcode.py -------------------------------------------------------------------------------- /Python/EncodeBlobs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Python/EncodeBlobs.py -------------------------------------------------------------------------------- /Python/Python.pyproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Python/Python.pyproj -------------------------------------------------------------------------------- /Python/ShellcodeRDI.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Python/ShellcodeRDI.py -------------------------------------------------------------------------------- /Python/pefile.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Python/pefile.py -------------------------------------------------------------------------------- /Python/peutils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Python/peutils.py -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/README.md -------------------------------------------------------------------------------- /ShellcodeRDI.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI.sln -------------------------------------------------------------------------------- /ShellcodeRDI/64BitHelper.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI/64BitHelper.h -------------------------------------------------------------------------------- /ShellcodeRDI/AdjustStack.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI/AdjustStack.asm -------------------------------------------------------------------------------- /ShellcodeRDI/GetProcAddressWithHash.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI/GetProcAddressWithHash.h -------------------------------------------------------------------------------- /ShellcodeRDI/ShellcodeRDI.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI/ShellcodeRDI.c -------------------------------------------------------------------------------- /ShellcodeRDI/ShellcodeRDI.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI/ShellcodeRDI.vcxproj -------------------------------------------------------------------------------- /ShellcodeRDI/ShellcodeRDI.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDI/ShellcodeRDI.vcxproj.filters -------------------------------------------------------------------------------- /ShellcodeRDI/function_link_order.txt: -------------------------------------------------------------------------------- 1 | ExecutePayload 2 | GetProcAddressWithHash -------------------------------------------------------------------------------- /ShellcodeRDI/function_link_order64.txt: -------------------------------------------------------------------------------- 1 | Begin 2 | GetProcAddressWithHash 3 | ExecutePayload -------------------------------------------------------------------------------- /ShellcodeRDITest/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDITest/ReadMe.txt -------------------------------------------------------------------------------- /ShellcodeRDITest/ShellcodeRDITest.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDITest/ShellcodeRDITest.cpp -------------------------------------------------------------------------------- /ShellcodeRDITest/ShellcodeRDITest.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDITest/ShellcodeRDITest.vcxproj -------------------------------------------------------------------------------- /ShellcodeRDITest/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDITest/stdafx.cpp -------------------------------------------------------------------------------- /ShellcodeRDITest/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDITest/stdafx.h -------------------------------------------------------------------------------- /ShellcodeRDITest/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/ShellcodeRDITest/targetver.h -------------------------------------------------------------------------------- /TestDLL/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/ReadMe.txt -------------------------------------------------------------------------------- /TestDLL/Resource.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/Resource.rc -------------------------------------------------------------------------------- /TestDLL/TestDLL.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/TestDLL.cpp -------------------------------------------------------------------------------- /TestDLL/TestDLL.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/TestDLL.vcxproj -------------------------------------------------------------------------------- /TestDLL/TestDLL.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/TestDLL.vcxproj.filters -------------------------------------------------------------------------------- /TestDLL/dllmain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/dllmain.cpp -------------------------------------------------------------------------------- /TestDLL/resource.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/resource.h -------------------------------------------------------------------------------- /TestDLL/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/stdafx.cpp -------------------------------------------------------------------------------- /TestDLL/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/stdafx.h -------------------------------------------------------------------------------- /TestDLL/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/TestDLL/targetver.h -------------------------------------------------------------------------------- /Tests/Convert.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Convert.py -------------------------------------------------------------------------------- /Tests/ConvertCalc.bat: -------------------------------------------------------------------------------- 1 | python Convert.py Executables\calc.exe Shellcode\Calc.bin 2 | pause -------------------------------------------------------------------------------- /Tests/ConvertCmdDll.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/ConvertCmdDll.cmd -------------------------------------------------------------------------------- /Tests/ConvertCmdExe.cmd: -------------------------------------------------------------------------------- 1 | python Convert.py Executables\cmd.exe Shellcode\CmdExe.bin 2 | pause -------------------------------------------------------------------------------- /Tests/ConvertHex2bin.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/ConvertHex2bin.cmd -------------------------------------------------------------------------------- /Tests/ConvertMimikatz.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/ConvertMimikatz.cmd -------------------------------------------------------------------------------- /Tests/ConvertNotepad.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/ConvertNotepad.cmd -------------------------------------------------------------------------------- /Tests/Executables/calc.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/calc.exe -------------------------------------------------------------------------------- /Tests/Executables/cmd-dll_v0_0_1/cmd.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/cmd-dll_v0_0_1/cmd.c -------------------------------------------------------------------------------- /Tests/Executables/cmd-dll_v0_0_1/cmd.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/cmd-dll_v0_0_1/cmd.dll -------------------------------------------------------------------------------- /Tests/Executables/cmd-dll_v0_0_1/cmd.rbuild: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/cmd-dll_v0_0_1/cmd.rbuild -------------------------------------------------------------------------------- /Tests/Executables/cmd-dll_v0_0_1/main.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/cmd-dll_v0_0_1/main.c -------------------------------------------------------------------------------- /Tests/Executables/cmd.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/cmd.exe -------------------------------------------------------------------------------- /Tests/Executables/hex2bin.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/hex2bin.exe -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/README.md -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimidrv.sys: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimidrv.sys -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimikatz.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimikatz.exe -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimilib - Copy.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimilib - Copy.dll -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimilib.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimilib.dll -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimilib.dll.bak: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimilib.dll.bak -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimilib.idb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimilib.idb -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/Win32/mimilove.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/Win32/mimilove.exe -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/kiwi_passwords.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/kiwi_passwords.yar -------------------------------------------------------------------------------- /Tests/Executables/mimikatz_trunk/mimicom.idl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/mimikatz_trunk/mimicom.idl -------------------------------------------------------------------------------- /Tests/Executables/notepad.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Executables/notepad.exe -------------------------------------------------------------------------------- /Tests/Shellcode/Calc.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Shellcode/Calc.bin -------------------------------------------------------------------------------- /Tests/Shellcode/CmdDll.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Shellcode/CmdDll.bin -------------------------------------------------------------------------------- /Tests/Shellcode/CmdExe.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Shellcode/CmdExe.bin -------------------------------------------------------------------------------- /Tests/Shellcode/Mimikatz.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Shellcode/Mimikatz.bin -------------------------------------------------------------------------------- /Tests/Shellcode/hex2bin.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Shellcode/hex2bin.bin -------------------------------------------------------------------------------- /Tests/Shellcode/notepad.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/Tests/Shellcode/notepad.bin -------------------------------------------------------------------------------- /bin/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/bin/.gitignore -------------------------------------------------------------------------------- /lib/PowerShell/Get-FunctionHash.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/lib/PowerShell/Get-FunctionHash.ps1 -------------------------------------------------------------------------------- /lib/PowerShell/Get-LibSymbols.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/lib/PowerShell/Get-LibSymbols.ps1 -------------------------------------------------------------------------------- /lib/PowerShell/Get-ObjDump.format.ps1xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/lib/PowerShell/Get-ObjDump.format.ps1xml -------------------------------------------------------------------------------- /lib/PowerShell/Get-PEHeader.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/lib/PowerShell/Get-PEHeader.ps1 -------------------------------------------------------------------------------- /lib/PowerShell/Out-Shellcode.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/lib/PowerShell/Out-Shellcode.ps1 -------------------------------------------------------------------------------- /lib/Python/FunctionToHash.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ohjeongwook/sRDI/HEAD/lib/Python/FunctionToHash.py --------------------------------------------------------------------------------