process_overwriting icon indicating copy to clipboard operation
process_overwriting copied to clipboard
verified publisher icon hasherezade

How was created the payload?

Open yepgogogo opened this issue 3 months ago • 0 comments

I created an X86 payload executable using Visual Studio 2022 (v143) with CFG disabled, targeting C:\Windows\SysWOW64\mstsc.exe. The prompt shows [+] Done!, but no popup appears. However, when I use your demo.bin file, it works. Why is that?

my payload code:

#pragma comment(linker, "/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
//

#include <windows.h>
#include <fstream>
#include "resource.h"
#include <iostream>


int main()
{
	MessageBoxA(NULL,"1","1",1);
	return 0;
}

yepgogogo avatar Oct 30 '25 19:10 yepgogogo