CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/CallDllMain.asm


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

[SECTION .text]
global _start

_start:
	; Get stack setup
	push ebx
	mov ebx, esp
	and esp, 0xfffffff0
	
	; Call DllMain
	mov ecx, 0x41414141		; DLLHandle, set by PowerShell
	mov edx, 0x1			; PROCESS_ATTACH
	mov eax, 0x0			; NULL
	push eax
	push edx
	push ecx
	mov eax, 0x41414141		; Address of DllMain, set by PS
	call eax

	; Fix stack
	mov esp, ebx
	pop ebx
	ret