Home 0P3N Blog InfectPE - Inject Custom Code into PE File
Ready to Start Your Career?
Create Free Account
Jimakoch s profile image
By: Jimakoch
April 29, 2017

InfectPE - Inject Custom Code into PE File

By: Jimakoch
April 29, 2017
Jimakoch s profile image
By: Jimakoch
April 29, 2017

code-injection

Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files.

Why you need InjectPE?

  • You can test your security products.
  • Use in a phishing campaign.
  • Learn how PE injection works.
  • ...and so on.

In the project, there is hardcoded x-code of MessageBoxA, you can change it.

Download

Windows x86 binary - Hardcoded MessageBoxA x-code, only for demos.

Dependencies:

vc_redist.x86 - Microsoft Visual C++ Redistributable

Usage

.InfectPE.exe .input.exe .out.exe code

X-code is injected into code section, this method is more stealthy, but sometimes there is no enough space in the code section.

.InfectPE.exe .input.exe .out.exe largest

X-code is injected into a section with the largest number of zeros, using this method you can inject bigger x-code. This method modifies characteristics of the section and is a bit more suspicious.

.InfectPE.exe .input.exe .out.exe resize

Expand the size of code section and inject x-code. This technique, like "code" one, is less suspicious, also you can inject much bigger x-code.

In the patched file, ASLR and NX are disabled, for the more technical information you can analyze VS project.

Please, don't use with packed or malformed executables.

Demo

Vimeo – “code” and “largest” techniques.Vimeo – “resize” technique.

TODO:

Add more techniques to inject x-code into PE file.

Download InfectPE

Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry