pi

About

pi is intended for injecting Position Independent Code (PIC) into a Windows process space regardless of it being 32 or 64-bit.

If running in wow64 mode and target process is 64-bit, pi will transition to 64-bit mode in order to a create remote thread.

I wrote this specifically for testing win32 and win64 shellcode because while these codes can run fine by themselves, it's when you inject into another process space that reveals a lot of problems.

Building

This should compile without error using MSVC or MINGW.

MSVC

cl pi.c pslist.c
Mingw

gcc pi.c pslist.c -opi

Usage

Currently, you can execute command in context of remote process, load a DLL or just run PIC.

Simply supply a process name/process id along with PIC/DLL file or command line. Let's say we want to inject code into internet explorer.

Supported Platforms

This has been tested successfully on x86 CPU running Windows NT 4.0 - Windows 10.

Name		Name	Last commit message	Last commit date
parent directory ..
asm		asm
CreateThreadPIC.bin		CreateThreadPIC.bin
ExecPIC.bin		ExecPIC.bin
LoadDLLPIC.bin		LoadDLLPIC.bin
Makefile		Makefile
README.md		README.md
README.txt		README.txt
asm.asm		asm.asm
b32.bat		b32.bat
createthread.h		createthread.h
loadlib.h		loadlib.h
pi.c		pi.c
pi.exe		pi.exe
pi.h		pi.h
pi.obj		pi.obj
pslist.c		pslist.c
pslist.obj		pslist.obj
winexec.h		winexec.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

About

Building

Usage

Supported Platforms

FilesExpand file tree

pi

Directory actions

More options

Directory actions

More options

Latest commit

History

pi

Folders and files

parent directory

README.md

About

Building

Usage

Supported Platforms