Skip to content

Latest commit

 

History

History
36 lines (16 loc) · 1.15 KB

README.md

File metadata and controls

36 lines (16 loc) · 1.15 KB

RemoteMemorymodule

Load the evilDLL from socket connection without touch disk

Inspired by @Rvn0xsy and the famous MemoryModule project

Server

Maked a simple socket server via c++ which is called PigSender(only work on Linux)

Responsible for processing the request sent by the client and transferring the DLL

Client

  1. Added a simple anti-simulation method, and receive DLL file from remote Server

  2. Finally, simply call MemoryModule

Usage:

  1. Put your DLL on the VPS and specify the file to be sent and the listening port

image-20210810085812853

  1. In the Client, just specify the address listened in the first step

image-20210810085922601

Of course, for better results, you can encrypt the traffic in network transmission, cause the feature of PE files are very obvious

Thanks to this excellent "non-landing" technology, you can use this project to reduce the pain of evasion anti-virus in some temporary environments