ChaitanyaHaritash / Callback_Shellcode_Injection

POCs for Shellcode Injection via Callbacks

CallWindowProc.cpp

nblog opened this issue · comments

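    // CallWindowProc
    #include <windows.h>
    #include <stdio.h>
    #include <string.h>

    int main()
    {
        // Architecture probe: byte 0x48 decodes as `dec eax` on x86
        // but as a REX.W prefix on x64.
        //   x86: xor eax,eax; dec eax; js +0; ret  -> returns -1 (nonzero)
        //   x64: xor eax,eax; REX.W js +0; ret     -> returns 0
        char shellcode[] =
            "\x31\xC0\x48\x0F\x88\x00\x00\x00\x00\xC3";

        PVOID fnPtr = VirtualAlloc(
            NULL,
            sizeof(shellcode),
            MEM_COMMIT | MEM_RESERVE,
            PAGE_EXECUTE_READWRITE);
        if (fnPtr == NULL)
            return 1;  // allocation failed, nothing to call

        memcpy(fnPtr, shellcode, sizeof(shellcode));

        // CallWindowProcA invokes the pointer as a WNDPROC and returns its result.
        bool is32bit = CallWindowProcA((WNDPROC)fnPtr, 0, 0, 0, 0) != 0;

        printf_s(
            "in 32bit env: %hs", is32bit ? "yep" : "nope"
        );

        VirtualFree(fnPtr, 0, MEM_RELEASE);
        return 0;
    }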

regarded as one, maybe.

shellcode_execute
build more, thanks for sharing. 🍺