danielsauder

IT security is a matter of trust.

Shellcode Binder for Windows 64 Bit

I did not find a shellcode binder for Windows 64 bit systems, so here is my version:

#include <windows.h>

unsigned char sc[] =
// your shellcode here

typedef void (*FUNCPTR)();

int main(int argc, char **argv)
{
FUNCPTR func;
int len;
DWORD oldProtect;

len = sizeof(sc);

if (0 == VirtualProtect(&sc, len, PAGE_EXECUTE_READWRITE, &oldProtect))
return 1;

func = (FUNCPTR)sc;
func();

return 0;
}

For development I used TDM-GCC-64, compiled with gcc -m64 binder.c.

This article brought me on the right path for using VirtualProtect:

http://mcdermottcybersecurity.com/articles/windows-x64-shellcode

More on VirtualProtect:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366898(v=vs.85).aspx

Published by

Daniel

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: