예제 #1
        /// <summary>
        /// Builds the byte sequence that ends a payload by calling the requested exit API.
        /// Only the Windows/x86 combination is implemented here.
        /// </summary>
        /// <param name="method">Exit routine: Process maps to "ExitProcess", Thread to "ExitThread"</param>
        /// <param name="platform">Target platform</param>
        /// <param name="arq">Target architecture</param>
        /// <returns>
        /// The helper's output followed by a fixed 7-byte tail, or null when the
        /// platform, architecture or exit method is not handled.
        /// </returns>
        public static byte[] GetExitMethod(EExitFunc method, EPlatform platform, EArquitecture arq)
        {
            // Guard: anything other than Windows/x86 is unsupported and yields null.
            if (platform != EPlatform.Windows || arq != EArquitecture.x86)
            {
                return(null);
            }

            string apiName;

            if (method == EExitFunc.Process)
            {
                apiName = "ExitProcess";
            }
            else if (method == EExitFunc.Thread)
            {
                apiName = "ExitThread";
            }
            else
            {
                return(null);
            }

            // Part 1: AsmHelper.StringToAsmX86 (defined elsewhere) supplies the bytes
            // for the API name. The original author's listing for the "ExitProcess"
            // case reads:
            //     push edi
            //     push 01737365h
            //     dec  byte ptr [esp + 3h]
            //     push 'corP'
            //     push 'tixE'
            // NOTE(review): that listing covers "ExitProcess" only; what the helper
            // emits for "ExitThread" is not visible from here - confirm against AsmHelper.
            byte[] namePart = AsmHelper.StringToAsmX86(apiName);

            // Part 2: fixed tail. The original comment documented only the last two
            // instructions; the array actually encodes all five:
            //     54      push esp    ; pointer to the name on the stack
            //     53      push ebx    ; module handle, per the original comment
            //     FF D6   call esi    ; GetProcAddress, per the original comment (result in eax)
            //     57      push edi    ; argument; original comment passes NULL, so edi is presumably zero
            //     FF D0   call eax    ; the resolved exit routine
            // The exit API is therefore looked up by name at run time rather than imported.
            byte[] callPart = new byte[]
            {
                0x54, 0x53, 0xff, 0xd6, 0x57, 0xff, 0xd0
            };

            return(namePart.Concat(callPart));
        }
예제 #2
        /// <summary>
        /// Returns the bytes of an exit stub for the given exit method.
        /// Implemented for Windows on x86 only; every other input combination returns null.
        /// </summary>
        /// <param name="method">Which exit routine the stub calls (Process or Thread)</param>
        /// <param name="platform">Target platform</param>
        /// <param name="arq">Target architecture</param>
        /// <returns>Name bytes from AsmHelper followed by a fixed call sequence, or null</returns>
        public static byte[] GetExitMethod(EExitFunc method, EPlatform platform, EArquitecture arq)
        {
            bool supported = platform == EPlatform.Windows && arq == EArquitecture.x86;
            if (!supported)
            {
                return null;
            }

            // Map the exit method to the API name; unknown methods fall through to null.
            string exitApi = method == EExitFunc.Process ? "ExitProcess"
                           : method == EExitFunc.Thread ? "ExitThread"
                           : null;
            if (exitApi == null)
            {
                return null;
            }

            /*
                Name bytes come from AsmHelper.StringToAsmX86 (not shown in this file).
                Author's listing for the "ExitProcess" case:
                    push edi
                    push 01737365h
                    dec byte ptr [esp + 3h]
                    push 'corP'
                    push 'tixE'
                NOTE(review): the listing is specific to "ExitProcess"; the bytes
                produced for "ExitThread" should be checked in the helper.
             */
            byte[] head = AsmHelper.StringToAsmX86(exitApi);

            /*
                Fixed tail, byte by byte. The earlier comment described only the final
                two instructions, but the array holds the lookup call as well:
                    54       push esp   ; address of the name string
                    53       push ebx   ; module handle (per the author's comment)
                    FF D6    call esi   ; GetProcAddress (per the author's comment)
                    57       push edi   ; argument, NULL per the author's comment
                    FF D0    call eax   ; routine returned by the lookup
             */
            byte[] tail = new byte[]
            {
                0x54,0x53,0xff,0xd6,0x57,0xff,0xd0
            };

            return head.Concat(tail);
        }
예제 #3
파일: Target.cs 프로젝트: zhuyue1314/Xploit
        /// <summary>
        /// Creates a named target for a platform/architecture pair and copies the
        /// supplied variables into the target's variable table.
        /// </summary>
        /// <param name="platform">Platform assigned to <c>Platform</c></param>
        /// <param name="arq">Architecture assigned to <c>Arquitecture</c></param>
        /// <param name="name">Value assigned to <c>Name</c></param>
        /// <param name="variables">Optional name/value pairs; when a name repeats, the later value replaces the earlier one</param>
        public Target(EPlatform platform, EArquitecture arq, string name, params Variable[] variables)
            : this()
        {
            Name = name;
            Platform = platform;
            Arquitecture = arq;

            // A null array is accepted and simply leaves the table as this() left it.
            if (variables != null)
            {
                for (int i = 0; i < variables.Length; i++)
                {
                    Variable entry = variables[i];

                    // Overwrite an existing key, otherwise add a new one (last value wins).
                    // NOTE(review): if Variable is a reference type, a null element throws here.
                    if (_Variables.ContainsKey(entry.Name))
                    {
                        _Variables[entry.Name] = entry.Value;
                    }
                    else
                    {
                        _Variables.Add(entry.Name, entry.Value);
                    }
                }
            }
        }
예제 #4
파일: Target.cs 프로젝트: santatic/Xploit
        /// <summary>
        /// Initializes a target with a name, platform and architecture, then loads
        /// any supplied variables into the internal variable table.
        /// </summary>
        /// <param name="platform">Platform of the target</param>
        /// <param name="arq">Architecture of the target</param>
        /// <param name="name">Name of the target</param>
        /// <param name="variables">Variables to store; may be null. Duplicate names are not rejected: the last value is kept</param>
        public Target(EPlatform platform, EArquitecture arq, string name, params Variable[] variables)
            : this()
        {
            Name = name;
            Platform = platform;
            Arquitecture = arq;

            // Nothing to copy when no variable array was passed.
            if (variables != null)
            {
                foreach (Variable item in variables)
                {
                    bool alreadyPresent = _Variables.ContainsKey(item.Name);

                    if (alreadyPresent)
                    {
                        // Existing entry: replace its value silently.
                        _Variables[item.Name] = item.Value;
                    }
                    else
                    {
                        _Variables.Add(item.Name, item.Value);
                    }
                }
            }
        }
예제 #5
파일: Target.cs 프로젝트: santatic/Xploit
 /// <summary>
 /// Constructor for a target without an explicit name. Forwards to the
 /// overload that takes a name, passing an empty string for it.
 /// </summary>
 /// <param name="platform">Platform</param>
 /// <param name="arq">Architecture</param>
 /// <param name="variables">Variables, passed through unchanged</param>
 public Target(EPlatform platform, EArquitecture arq, params Variable[] variables)
     : this(platform, arq, "", variables)
 {
 }