Some of my experiments with OffensiveNim templates
To not popup the Nim binaries console window compile them with the --app:gui
parameter.
For the best size:
nim c -d:danger -d:strip --opt:size --passc=-flto --passl=-flto executable.nim
To compile the DLL:
nim c -d=mingw --app=lib --nomain --cpu=amd64 DLLHijack.nim
For unhook.nim:
nim cpp -d:release --passL:"-L. -lPsapi" unhook.nim
For syscall_shellcode.nim:
git clone https://github.com/ajpc500/NimlineWhispers.git
#Modify functions.txt to include our five Native API functions:
NtCreateThreadEx
NtOpenProcess
NtAllocateVirtualMemory
NtWriteVirtualMemory
NtClose
And run:
python3 NimlineWhispers
edit syscalls.nim and add:
type
PS_ATTR_UNION* {.pure, union.} = object
Value*: ULONG
ValuePtr*: PVOID
PS_ATTRIBUTE* {.pure.} = object
Attribute*: ULONG
Size*: SIZE_T
u1*: PS_ATTR_UNION
ReturnLength*: PSIZE_T
PPS_ATTRIBUTE* = ptr PS_ATTRIBUTE
PS_ATTRIBUTE_LIST* {.pure.} = object
TotalLength*: SIZE_T
Attributes*: array[2, PS_ATTRIBUTE]
PPS_ATTRIBUTE_LIST* = ptr PS_ATTRIBUTE_LIST
According to: https://ajpc500.github.io/nim/Shellcode-Injection-using-Nim-and-Syscalls/