Jasemalsadi · March 25, 2025 21:59
diff --git a/shellcodeExec.asm b/shellcodeExec.asm
 .386
 .model flat, stdcall
 OPTION  CaseMap:None

 .stack 6096
 ExitProcess PROTO, dwExitCode: DWORD



 include \masm32\include\windows.inc
 include \masm32\include\user32.inc
 include \masm32\include\kernel32.inc
 includelib \masm32\lib\user32.lib
 includelib\masm32\lib\kernel32.lib


 includelib  \masm32\lib\msvcrt.lib



 printf PROTO C :VARARG  ; The secret sauce.. a prototype of printf

 include \masm32\include\advapi32.inc
 includelib \masm32\lib\advapi32.lib

 .data
 	 shellcodePath9 db 'C:\\Users\\J\\Desktop\\shellcode.bin',0
 .code 
 shellcode PROC 
 			push ebx
 			push ecx
 			push edx
 			push esi
 
 			mov esi, offset shellcodePath9
 			invoke CreateFile, esi, GENERIC_READ,FILE_SHARE_READ,NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL
 			push eax ; handle to a file

 			invoke GetFileSize, eax,NULL
 			mov ebx,eax ; file size
 			pop ecx ; handle to a file
 			mov edx,138240 ; FILE_MAP_START = 138240
 			invoke CreateFileMapping, ecx,NULL,PAGE_READONLY,0,ebx,NULL
 			invoke MapViewOfFile, eax ,FILE_MAP_READ,0, edx ,ebx
 			mov ecx, eax 
 			push ecx
 			invoke VirtualAlloc,0,ebx,MEM_COMMIT, PAGE_EXECUTE_READWRITE
 			pop ecx
 			; ebx : file size 
 			; ecx : old memory location 
 			; eax : new memory location to be copied to 
 			push ebx
 			push ecx
 			push eax
 			push edx

 			mov esi,0
 loop9: ; Loop to copy the shellcode bytes manually
 			cmp esi,ebx
 			je end9
 			mov dl,[ecx + esi]
 			push ecx
 			mov ecx,eax
 			mov [ecx + esi], dl
 			pop ecx
 			inc esi
 			jmp loop9
 			
 end9: 
 			pop edx
 			pop eax
 			pop ecx
 			pop ebx
 			call eax  ; calling the memory region  

 			pop esi 
 			pop edx
 			pop ecx
 			pop ebx
 			ret
 shellcode ENDP


 main PROC
  call shellcode
 	INVOKE ExitProcess, 0
 main ENDP
 END main
	.386
	.model flat, stdcall
	OPTION CaseMap:None

	.stack 6096
	ExitProcess PROTO, dwExitCode: DWORD



	include \masm32\include\windows.inc
	include \masm32\include\user32.inc
	include \masm32\include\kernel32.inc
	includelib \masm32\lib\user32.lib
	includelib\masm32\lib\kernel32.lib


	includelib \masm32\lib\msvcrt.lib



	printf PROTO C :VARARG ; The secret sauce.. a prototype of printf

	include \masm32\include\advapi32.inc
	includelib \masm32\lib\advapi32.lib

	.data
	shellcodePath9 db 'C:\\Users\\J\\Desktop\\shellcode.bin',0
	.code
	shellcode PROC
	push ebx
	push ecx
	push edx
	push esi

	mov esi, offset shellcodePath9
	invoke CreateFile, esi, GENERIC_READ,FILE_SHARE_READ,NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL
	push eax ; handle to a file

	invoke GetFileSize, eax,NULL
	mov ebx,eax ; file size
	pop ecx ; handle to a file
	mov edx,138240 ; FILE_MAP_START = 138240
	invoke CreateFileMapping, ecx,NULL,PAGE_READONLY,0,ebx,NULL
	invoke MapViewOfFile, eax ,FILE_MAP_READ,0, edx ,ebx
	mov ecx, eax
	push ecx
	invoke VirtualAlloc,0,ebx,MEM_COMMIT, PAGE_EXECUTE_READWRITE
	pop ecx
	; ebx : file size
	; ecx : old memory location
	; eax : new memory location to be copied to
	push ebx
	push ecx
	push eax
	push edx

	mov esi,0
	loop9: ; Loop to copy the shellcode bytes manually
	cmp esi,ebx
	je end9
	mov dl,[ecx + esi]
	push ecx
	mov ecx,eax
	mov [ecx + esi], dl
	pop ecx
	inc esi
	jmp loop9

	end9:
	pop edx
	pop eax
	pop ecx
	pop ebx
	call eax ; calling the memory region

	pop esi
	pop edx
	pop ecx
	pop ebx
	ret
	shellcode ENDP


	main PROC
	call shellcode
	INVOKE ExitProcess, 0
	main ENDP
	END main