Inno Shellcode Example
Fork me on Github
You can find a complete version of the project that is described in this paper on my Github account.https://github.com/DarkCoderSc/inno-shellcode-example
InnoSetup Execute Shellcode PoC
This proof of concept demonstrate how to take advantage of InnoSetup Scripting Engine to host local/remote process shellcode payload then execute.
The idea behind this concept is to demonstrate the dangerosity of (self) installers. Not only they can contain malicious programsn, they can also run native code through their scripting engines and evade AV detections because of their natural aspect.
The most difficult part was to understand how to use pointers/refs. Basically from this example, it is possible to create any kind of Malware from scratch (even more complex ones). Feel free to try, if you have any technical questions, feel free to ask for some help.
Written the July 21, 2021, 11:29 a.m. by Jean-Pierre LESUEUR