EQGRP_Lost_in_Translation icon indicating copy to clipboard operation
EQGRP_Lost_in_Translation copied to clipboard

Published 20 hours ago verified publisher icon x0rz

what is "DOPU shellcode buffer"

Open 615 opened this issue 7 years ago • 2 comments

how to set up the value of "DOPU shellcode buffer"
use Eternalchampion thumb_mon_1704_14_1150978582736040_bccb62f8b8803a2

615 avatar Apr 27 '17 11:04 615

  • https://github.com/boogaloo1977/EquationGroup/blob/2364f4bf3fb73f1d467fdcc8285742eaad2db86e/windows/payloads/Doublepulsar-1.3.1.0.xml#L71

  • https://github.com/boogaloo1977/EquationGroup/blob/2364f4bf3fb73f1d467fdcc8285742eaad2db86e/windows/specials/Eternalchampion-2.0.0.0.xml#L25

https://github.com/misterch0c/shadowbroker/issues/20

Atavic avatar May 23 '17 14:05 Atavic

shellcode buffer means you need to use DoublePulsar to generate a shellcode(about 4KiB) and paste its hex content to fb(you could use WinHex to copy its hex), while shellcode file needs that 4KiB file generated by DoublePulsar in which you only need to point out its path. Judging by your bio, I assume you would probably understand Chinese so you could go to my profile page and check it out on my blogsite.

BennyThink avatar May 26 '17 13:05 BennyThink