unsigned char shellcode[17] = {
0x6A, 0x00, 0x6A, 0x00, 0x6A, 0x00, 0x6A, 0x00,
0xE8, 0x91, 0xFC, 0x2E, 0x74,
0xE9, 0xEE, 0x90, 0x0B
};
hFile = CreateFile("1.exe",GENERIC_READ | GENERIC_WRITE,FILE_SHARE_READ,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);
if (hFile == INVALID_HANDLE_VALUE)
{
printf("CreateFile Error: %d\n", GetLastError());
return;
}
hMap = CreateFileMapping(hFile, NULL, PAGE_READWRITE, 0, 0, 0);
if (hMap == NULL)
{
printf("CreateFileMapping Error: %d\n", GetLastError());
CloseHandle(hFile);
return;
}
lpBase = MapViewOfFile(hMap, FILE_MAP_READ | FILE_MAP_WRITE, 0, 0, 0);
if (!lpBase)
{
printf("MapViewOfFile Error: %d\n", GetLastError());
CloseHandle(hMap);
CloseHandle(hFile);
return;
}
pDosHeader = (PIMAGE_DOS_HEADER)lpBase;
if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
{
UnmapViewOfFile(lpBase);
CloseHandle(hMap);
CloseHandle(hFile);
return;
}
pNtHeader = (PIMAGE_NT_HEADERS)((BYTE *)lpBase + pDosHeader->e_lfanew);
if (pNtHeader->Signature != IMAGE_NT_SIGNATURE)
{
UnmapViewOfFile(lpBase);
CloseHandle(hMap);
CloseHandle(hFile);
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!