Skip to content

Instantly share code, notes, and snippets.

@kumatti1

kumatti1/otukare.asm

Created April 16, 2012 06:39
Show Gist options
  • Save kumatti1/2396738 to your computer and use it in GitHub Desktop.
Save kumatti1/2396738 to your computer and use it in GitHub Desktop.
Download ZIP
ああー、マイクのテスト中
Raw
gistfile1.cpp
#include <windows.h>
#include <stdio.h>
struct Vtable{
LPBYTE *ppCode;
FARPROC ptr;
};
void main()
{
Vtable vtbl;
BYTE byt[] = {
0x48,
0x83,
0xEC,
0x28,
0xFF,
0x51,
0x08,
0x48,
0x83,
0xC4,
0x28,
0xC3
};
UINT asmSize = _countof(byt);
LPBYTE ptr =(LPBYTE)VirtualAlloc(nullptr, asmSize,MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);
RtlMoveMemory(ptr,byt,asmSize);
vtbl.ppCode =&ptr;
HMODULE hDll = GetModuleHandleW(L"kernel32.dll");
vtbl.ptr = GetProcAddress(hDll,"OutputDebugStringA");
VARIANTARG varArgs;
varArgs.vt = VT_LPSTR;
varArgs.pcVal = "test";
LPVARIANTARG pVarArgs = &varArgs;
VARTYPE vtTmp = VT_I8;
ULONG ovft = 0;
VARIANT v;
DispCallFunc(&vtbl,ovft,CC_STDCALL,VT_I8,1,&vtTmp,&pVarArgs,&v);
VirtualFree(ptr, asmSize, MEM_RELEASE);
}
Raw
otukare.asm
_text SEGMENT
sub rsp, 40
call qword ptr[rcx + 8]
add rsp, 40
ret
_text ENDS
END
Raw
otukare.bat
call "C:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\vcvarsall.bat" amd64
ml64.exe /Fo otukare.obj /c otukare.asm
dumpbin /section:.text /rawdata:,1 otukare.obj
Raw
otukare.js
var FilePath1 = ".\\otukare.bat";
var wsh = new ActiveXObject("WScript.Shell");
var s = wsh.Exec(FilePath1).StdOut.ReadAll();
//WScript.Echo(s);//確認用
var arr = s.match(/:[\dA-F\s]+\n/g);
//WScript.Echo(arr);//確認用
//WScript.Quit();
s = '';
for(var i=0;i < arr.length;i++){
var arr2 = arr[i].match(/[\dA-F]+/g);
s+= '0x' + arr2[0] + ', \n';
}
s = s.slice(0,-3);
//結果
WScript.Echo(s);
WScript.Quit();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment