InfectPE - Inject Custom Code into PE File
Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files.
Why you need InjectPE?
- You can test your security products.
- Use in a phishing campaign.
- Learn how PE injection works.
- ...and so on.
In the project, there is hardcoded x-code of MessageBoxA, you can change it.
Download
Windows x86 binary - Hardcoded MessageBoxA x-code, only for demos.
Dependencies:
vc_redist.x86 - Microsoft Visual C++ Redistributable
Usage
.\InfectPE.exe .\input.exe .\out.exe code
X-code is injected into code section, this method is more stealthy, but sometimes there is no enough space in the code section..\InfectPE.exe .\input.exe .\out.exe largest
X-code is injected into a section with the largest number of zeros, using this method you can inject bigger x-code. This method modifies characteristics of the section and is a bit more suspicious..\InfectPE.exe .\input.exe .\out.exe resize
Expand the size of code section and inject x-code. This technique, like "code" one, is less suspicious, also you can inject much bigger x-code.In the patched file, ASLR and NX are disabled, for the more technical information you can analyze VS project.
Demo
"code" and "largest" techniques.
"resize" technique.
InfectPE - Inject Custom Code into PE File
Reviewed by Zion3R
on
11:15 AM
Rating:
![InfectPE - Inject Custom Code into PE File](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4fsC86_SMPO1_AvxJ6hPYPSXmd4GMUBfArQMqIbBjP9QAAMGXoMM231XVyONMNz7NMPzFbV58Y3obWLgN3FVbEWtXCZwvLfETua7SwqWiH4ldVsjtn0U6DUjbSxeeFOCIuVUxo_Dd99o/s72-c/InjectPE.png)