For those interested in metasploit (or whatever) payload injection into EXE files, the metasploit patch (now posted http://www.metasploit.com/redmine/projects/framework/repository/revisions/8896) is based on one case, albeit the most likely to work, of my original program in C and Win32 API. This original program also can embed the payload if it fits into unused space at the end of a code section, which […]

I recently posed a patch to inject an arbitrary metasploit payload into a win32 exe while attempting to not affect the behavior of the host exe. I’m not the best ruby ninja, but I do at least know a little about the PE format. https://metasploit.com/redmine/issues/1244#change-3739 the patch: https://metasploit.com/redmine/attachments/196/inject.patch Payload is run in a separate thread. […]