Created
April 20, 2021 09:48
-
-
Save aaaddress1/193d88c59648604421df32478b1fdc16 to your computer and use it in GitHub Desktop.
memcpy32.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // memcpy 32bit by [email protected] | |
| #include <stdint.h> | |
| #include <stdio.h> | |
| #include <windows.h> | |
| int main(void) { | |
| int dummy(0x41414242); | |
| char buf[8] = {0}; | |
| ((void(cdecl *)(DWORD, DWORD, DWORD))"\x8B\x7C\x24\x04\x8B\x74\x24\x08\x8B\x4C\x24\x0C\xF3\xA4\xC3")((size_t)buf, (size_t)&dummy, sizeof(dummy)); | |
| puts(buf); | |
| } |
Author
aaaddress1
commented
Apr 20, 2021
What is code doing can u explain it please?
look at the code of line 9, there's a byte array. that's a x86 machine code payload, and use online x86 to disassemble you will get the following asm script:
this x86 script just used for copy data from source to destination (just like memcpy)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment