Last active
January 31, 2020 21:51
ihnorton/9903135
Curiosity and the cat
mem_size = 64
mem_prot = 0x40        # PAGE_EXECUTE_READWRITE
mem_type = 0x00001000  # MEM_COMMIT
ex_mem = ccall(:VirtualAlloc,
               Ptr{UInt8},
               (Ptr{Cvoid}, Csize_t, UInt32, UInt32),  # the two DWORD arguments are 32-bit
               C_NULL, mem_size, mem_type, mem_prot)   # call VirtualAlloc and get executable page
exec_arr = unsafe_wrap(Array, ex_mem, (32,2));  # consider as an array so we can write to it
                                                # note that we make it (32,2) so that we won't
                                                # accidentally try to resize it. Can still
                                                # access directly up to index 64.
exec_arr[1] = 0x55  # push ebp (push rbp in a 64-bit process)
exec_arr[2] = 0x5d  # pop ebp (pop rbp in a 64-bit process)
exec_arr[3] = 0xc3  # ret
ccall(pointer(exec_arr), Cvoid, ())
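The gist asks for PAGE_EXECUTE_READWRITE, so the page is writable and executable at the same time. The following is an added example, not part of the original gist: a W^X variant that writes the same three bytes into a read-write page and only then switches it to execute-read. It assumes Julia 1.x on 64-bit Windows, and `run_wx` is a hypothetical helper name.

```julia
# Added example (not from the gist). Assumes Julia 1.x on 64-bit Windows.
const MEM_COMMIT        = 0x00001000
const MEM_RESERVE       = 0x00002000
const MEM_RELEASE       = 0x00008000
const PAGE_READWRITE    = 0x00000004
const PAGE_EXECUTE_READ = 0x00000020

# run_wx is a hypothetical helper: copy `code` into a fresh page, drop write
# access, call it as a zero-argument function, then release the page.
function run_wx(code::Vector{UInt8})
    len = length(code)
    # 1. Allocate read-write only; the page is not executable yet.
    mem = ccall((:VirtualAlloc, "kernel32"), Ptr{UInt8},
                (Ptr{Cvoid}, Csize_t, UInt32, UInt32),
                C_NULL, len, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE)
    mem == C_NULL && error("VirtualAlloc failed: ", Libc.GetLastError())
    try
        # 2. Write the bytes while the page is still non-executable.
        GC.@preserve code unsafe_copyto!(mem, pointer(code), len)
        # 3. Flip to execute-read; from here on the page cannot be written.
        old = Ref{UInt32}(0)
        ok = ccall((:VirtualProtect, "kernel32"), Cint,
                   (Ptr{Cvoid}, Csize_t, UInt32, Ptr{UInt32}),
                   mem, len, PAGE_EXECUTE_READ, old)
        ok == 0 && error("VirtualProtect failed: ", Libc.GetLastError())
        # 4. Make sure the CPU does not run stale instruction-cache contents.
        proc = ccall((:GetCurrentProcess, "kernel32"), Ptr{Cvoid}, ())
        ccall((:FlushInstructionCache, "kernel32"), Cint,
              (Ptr{Cvoid}, Ptr{Cvoid}, Csize_t), proc, mem, len)
        # 5. Call the page as a function taking and returning nothing.
        ccall(mem, Cvoid, ())
    finally
        # 6. dwSize must be 0 when releasing a whole allocation.
        ccall((:VirtualFree, "kernel32"), Cint,
              (Ptr{Cvoid}, Csize_t, UInt32), mem, 0, MEM_RELEASE)
    end
    return nothing
end

# Same bytes as the gist: push rbp; pop rbp; ret
run_wx(UInt8[0x55, 0x5d, 0xc3])
```

Unlike the gist's array view, nothing can write to the page after step 3, which is the property endpoint tooling checks for when it flags RWX allocations.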
This is really cool. I love that I can basically write like Python and jump to raw bytes and start executing them in the same language :)