There is a logic bug that can occasionally be triggered when injecting code in some PE files while using the GetModuleHandle/GetProcAddress IAT handler.
In that case, Shellter may use the unicode version of GetModuleHandle with an IAT Handler stub dedicated for the Ascii input version version of it.
This will cause the infected application to crash without executing the injected payload.
Fix is due to be included in Shellter v6.5.
A recent change in Shellter 6.3 introduced a silly bug that will cause an “RMEM_ERROR_01” error when used in Wine.
I am currently testing the fix for this as well, but in the meantime use version 6.2 in Wine.
While working on the first feature of Shellter Pro, a couple of bugs were discovered. The first is already fixed in the Pro build, but I am still working on the rest of them.
These bugs are affecting Shellter in case during the first injection attempt due to the overall size of the code to be injected, no appropriate locations for injection were found based on the traced execution flow.
When this happens, Shellter goes back to a previous state and asks the user to re-configure what to inject. However, this time during the injection stage Shellter will hang because of some variables not being correctly re-sanitized.
This is a quite rare condition, but once everything is fixed in the Pro build, those fixes will be also applied in the standard version.