CallbackShellcodeInjection

February 23, 2021 · View on GitHub

POCs for Shellcode Injection via Callbacks.

Working APIs

1,  EnumTimeFormatsA 			Works
2,  EnumWindows				Works
3,  EnumDesktopWindows			Works
4,  EnumDateFormatsA			Works
5,  EnumChildWindows			Works
6,  EnumThreadWindows			Works
7,  EnumSystemLocales			Works
8,  EnumSystemGeoID			Works
9,  EnumSystemLanguageGroupsA		Works
10, EnumUILanguagesA			Works
11, EnumSystemCodePagesA		Works
12, EnumDesktopsW			Works
13, EnumSystemCodePagesW		Works

Detection:

Detection: System Event Logs

Credits:

@bofheaded & @0xhex21