Interesting to see Nim used here. I participate a bit in its community because it's a fun language, but I had not yet heard that it was used in opsec circles.
I wonder why people are writing shellcode for that?<p>When I need to inject my code into another process, I write a DLL and only inject a LoadLibrary function call. Much more reliable this way: the OS applies the relocation table, I have C and C++ runtimes in the injected code, the result is compatible with ASLR, if my DLL has other DLL dependencies the OS will load them first, etc.
I followed the link to the Nim site and downloaded the official 64-bit version.<p>Windows Defender (Win10) reports a <i>severe threat</i> in <i>nim-1.4.8\bin\vccexe.exe</i> - <i>Trojan:Win32/Wacatac.B!ml</i> - which allows remote code execution.<p>It may be a false positive - but the whole post is about exploits so I'll probably not risk it.