A small piece of shellcode written in assembler that can scan the user-land
address space for small blocks of memory ("eggs") and recombine the eggs into
one large block. When done, the large block is executed. This is useful when you
can only insert small blocks at random locations into a process and not one
contiguous large block containing your shellcode in one piece: this code will
recombine the eggs to create your shellcode in the process and execute it.
This version works only on Windows 32-bit platforms because it uses the Windows
specific Structured Exception Handler (SEH) feature to handle access violations
caused by scanning memory.
More details can be found here:
http://skypher.com/wiki/index.php?title=Shellcode/w32_SEH_omelet_shellcode
http://code.google.com/p/w32-seh-omelet-shellcode/
backup: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13507-1.zip (2009-w32-SEH-omlet-shellcode-v0.2.zip)
backup: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13507-2.zip (2009-w32-SEH-omlet-shellcode-older-versions.zip)
I have not had a chance to test this newer version in a live exploit, so do
let me know if you have a chance to use it.
Cheers,
SkyLined
# milw0rm.com [2009-03-16]