forked from oops4git/ShellCode-Interpreter
Loader.cpp
#include <iostream>
#include <windows.h>
#include "Interpreter.h"
using namespace std;
// Demo driver: passes an encoded instruction stream, a command line and a
// table of API addresses to MagicInvoke (declared in Interpreter.h), then
// prints whatever buffer the call hands back through its out-parameters.
int main() {
// Custom assembly: an instruction stream in the project's own text encoding.
// NOTE(review): the string is opaque from this file; what it does is decided
// by the interpreter, so reviewing this file alone does not show its behaviour.
char selfAsm[] = "0_4_q_pq70+i20_q_q38_5_4_q_pq70+i18_q_q30_a_4_q_pq70+i10_q_q18_f_4_q_pq70+i8_q_q10_14_0_q_q28_q__15_9_q_q70_q_i120_1c_4_d_pq70+i78_d_i18_24_4_d_pq70+i88_d_i1_2f_4_q_pq70+i80_q_i0_3b_4_d_d0_d_i8_40_6_q_q0_q_lq0+q0_44_11_d_d38_d_d38_47_6_q_q30_q_lq70+i78_4c_6_q_q18_q_lq70+i58_51_6_q_q10_q_lq70+i60_56_4_q_q40_q_pq70+i148_5e_2_q_pq40+q0_q__62_12_d_d0_d_d0_64_17_q_i6b_q__66_15_q_i2bb_q__6b_6_q_q0_q_lq70+ib0_73_4_q_q28_q_q0_76_11_d_d0_d_d0_78_4_d_d10_d_i68_7d_14_b_pq28_b_b0_7f_4_d_pq70+ib0_d_i68_8a_4_q_q0_q_pq70+i58_8f_4_q_pq70+i110_q_q0_97_4_q_q0_q_pq70+i58_9c_4_q_pq70+i108_q_q0_a4_11_d_d0_d_d0_a6_4_w_pq70+if0_w_w0_ae_4_d_pq70+iec_d_i101_b9_4_d_d0_d_i8_be_4_q_q8_q_q0_bf_6_q_q0_q_lq0+q0_c1_6_q_q0_q_lq0+q8_c2_6_q_q10_q_lq70+i90_ca_4_q_pq70+i48_q_q10_cf_6_q_q10_q_lq70+ib0_d7_4_q_pq70+i40_q_q10_dc_4_q_pq70+i38_q_i0_e5_4_q_pq70+i30_q_i0_ee_4_d_pq70+i28_d_i0_f6_4_d_pq70+i20_d_i1_fe_11_d_d38_d_d38_101_11_d_d30_d_d30_104_4_q_q18_q_pq70+i130_10c_11_d_d10_d_d10_10e_4_q_q28_q_pq70+i148_116_2_q_pq28+q0_q__119_12_d_d0_d_d0_11b_17_q_i154_q__11d_4_d_d0_d_i8_122_6_q_q0_q_lq0+q0_123_6_q_q0_q_lq0+q0_126_4_q_q10_q_pq70+i60_12b_4_q_q18_q_pq70+i148_133_2_q_pq18+q0_q__136_4_d_d0_d_i8_13b_6_q_q0_q_lq0+q0_13c_6_q_q0_q_lq0+q0_13f_4_q_q10_q_pq70+i58_144_4_q_q18_q_pq70+i148_14c_2_q_pq18+q0_q__14f_15_q_i2bb_q__154_4_d_d0_d_i8_159_6_q_q0_q_lq0+q0_15a_6_q_q0_q_lq0+q0_15d_4_q_q10_q_pq70+i58_162_4_q_q18_q_pq70+i148_16a_2_q_pq18+q0_q__16d_4_d_d0_d_i8_172_6_q_q0_q_lq0+q0_173_6_q_q0_q_lq0+q0_176_4_q_q10_q_pq70+i98_17e_4_q_q18_q_pq70+i148_186_2_q_pq18+q0_q__189_4_d_d0_d_i8_18e_6_q_q0_q_lq0+q0_18f_6_q_q0_q_lq0+q0_192_4_q_q10_q_pq70+i90_19a_4_q_q18_q_pq70+i148_1a2_2_q_pq18+q0_q__1a5_4_q_q0_q_pq70+i140_1ad_4_d_pq0_d_i0_1b3_4_d_d0_d_i8_1b8_4_q_q0_q_i0_1bc_4_d_d10_d_ifa_1c1_4_q_q18_q_pq70+i148_1c9_2_q_pq18+q0_q__1cc_4_q_q10_q_pq70+i138_1d4_4_q_pq10_q_q0_1d7_4_q_q0_q_pq70+i140_1df_5_q_q0_d_pq0_1e2_4_q_q10_q_pq70+i138_1ea_7_q_q0_q_pq10_1ed_4_d_d10_d_i8_1f2_4_q_q8_q_q10_1f3_6_q_q10_q_lq10+q10_1f4
_6_q_q10_q_lq10+q10_1f5_6_q_q10_q_lq10+q8_1f6_4_q_pq70+i68_q_q10_1fb_4_q_pq70+i20_q_i0_204_6_q_q38_q_lq70+i50_209_4_d_d30_d_i64_20f_4_q_q18_q_q0_212_4_q_q10_q_pq70+i60_217_4_q_q0_q_pq70+i148_21f_4_q_q28_q_pq70+i68_224_2_q_pq0+q28_q__227_12_d_d0_d_d0_229_16_q_i2a2_q__22b_10_d_pq70+i50_d_i0_230_16_q_i2a2_q__232_4_q_q0_q_pq70+i140_23a_4_d_d0_d_pq0_23c_7_d_d0_d_pq70+i50_240_4_q_q10_q_pq70+i140_248_4_d_pq10_d_d0_24a_4_q_q0_q_pq70+i140_252_10_d_pq0_d_i64_255_18_q_i29d_q__257_4_q_q0_q_pq70+i140_25f_4_d_d0_d_pq0_261_7_d_d0_d_i64_264_13_q__q__266_4_d_d10_d_i8_26f_4_q_pq70+i70_q_q10_274_4_q_q18_q_q0_277_4_q_q0_q_pq70+i138_27f_4_q_q10_q_pq0_282_4_q_q0_q_pq70+i148_28a_4_q_q28_q_pq70+i70_28f_2_q_pq0+q28_q__292_4_q_q10_q_pq70+i138_29a_4_q_pq10_q_q0_29d_15_q_i1d7_q__2a2_4_d_d0_d_i8_2a7_6_q_q0_q_lq0+q0_2a8_6_q_q0_q_lq0+q0_2ab_4_q_q10_q_pq70+i60_2b0_4_q_q18_q_pq70+i148_2b8_2_q_pq18+q0_q__2bb_7_q_q70_q_i120_2c2_1_q_q28_q__2c3_3_q__q__!";
// ShellCode parameter: the command line handed to the interpreted routine.
char commandPara[] = "cmd /c tasklist";
// Out-parameters filled in by MagicInvoke.
// NOTE(review): both are left uninitialized here; if MagicInvoke returns
// without setting them, the write below goes through an indeterminate pointer.
char* commandOutput;
int commandOutputLength;
// Addresses of the CRT and Win32 routines made available to the interpreted code.
// NOTE(review): this set (pipe creation, process creation, file read) suggests
// the routine spawns a child process and reads its output through a pipe;
// presumably those process-creation events are what monitoring would observe.
PVOID funcAddr[] = { malloc, realloc, CreatePipe, CreateProcessA, CloseHandle, ReadFile };
// Invoke the interpreter.
// NOTE(review): no result of this call is checked before the buffer is used.
MagicInvoke(selfAsm, commandPara, &commandOutput, &commandOutputLength, funcAddr);
// ShellCode output: NUL-terminate the returned bytes so they print as a C string.
// NOTE(review): this writes at index commandOutputLength, which is in bounds
// only if the buffer holds at least commandOutputLength + 1 bytes; confirm
// against the interpreter's allocation. The buffer is never freed in this file.
*(commandOutput + commandOutputLength) = '\0';
cout << commandOutput;
}