Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Runtime.InteropServices;
- using System.Security;
- namespace ConsoleApp138
- {
- class Program
- {
- [DllImport("kernel32.dll" )]
- private static extern IntPtr LoadLibrary( IntPtr str);
- [DllImport("kernel32.dll")]
- private static extern IntPtr GetProcAddress(IntPtr lib, IntPtr str);
- /// <summary>
- /// Declare our unknown function (in this case messagebox)
- /// </summary>
- /// <returns></returns>
- delegate int UnknownFunction(int a, string x, string y, int z);
- /// <summary>
- /// Invented and created by gigajew @ www.hackforums.net
- /// Afaik first of it's kind
- /// </summary>
- static void Main(string[] args)
- {
- // call user32!MessageBoxA
- Example1();
- // call user32!MessageBoxA
- Example2();
- }
- static void Example2()
- {
- SecureString ker = new SecureString();
- ker.AppendChar('U');
- ker.AppendChar('s');
- ker.AppendChar('e');
- ker.AppendChar('r');
- ker.AppendChar('3');
- ker.AppendChar('2');
- ker.AppendChar('.');
- ker.AppendChar('d');
- ker.AppendChar('l');
- ker.AppendChar('l');
- SecureString mes = new SecureString();
- mes.AppendChar('M');
- mes.AppendChar('e');
- mes.AppendChar('s');
- mes.AppendChar('s');
- mes.AppendChar('a');
- mes.AppendChar('g');
- mes.AppendChar('e');
- mes.AppendChar('B');
- mes.AppendChar('o');
- mes.AppendChar('x');
- mes.AppendChar('A');
- UnknownFunction unknownFunction1 = GetProcedureSecure<UnknownFunction>(ker, mes);
- unknownFunction1(0, "Hello world 2 ", "Title 2", 2);
- }
- static void Example1()
- {
- SecureString ker = new SecureString();
- ker.AppendChar('U');
- ker.AppendChar('s');
- ker.AppendChar('e');
- ker.AppendChar('r');
- ker.AppendChar('3');
- ker.AppendChar('2');
- ker.AppendChar('.');
- ker.AppendChar('d');
- ker.AppendChar('l');
- ker.AppendChar('l');
- IntPtr lib = LoadLibrarySecure(ker);
- SecureString mes = new SecureString();
- mes.AppendChar('M');
- mes.AppendChar('e');
- mes.AppendChar('s');
- mes.AppendChar('s');
- mes.AppendChar('a');
- mes.AppendChar('g');
- mes.AppendChar('e');
- mes.AppendChar('B');
- mes.AppendChar('o');
- mes.AppendChar('x');
- mes.AppendChar('A');
- IntPtr proc = GetProcAddressSecure(lib, mes);
- UnknownFunction unknownFunction1 = Marshal.GetDelegateForFunctionPointer(proc, typeof(UnknownFunction)) as UnknownFunction;
- unknownFunction1(0, "Hello world", "Title", 0);
- }
- static T GetProcedureSecure<T>(SecureString library, SecureString procedure) where T: class
- {
- IntPtr lib = LoadLibrarySecure(library);
- IntPtr proc = GetProcAddressSecure(lib, procedure);
- T del = Marshal.GetDelegateForFunctionPointer(proc, typeof(T)) as T;
- return del;
- }
- static IntPtr LoadLibrarySecure(SecureString secure )
- {
- IntPtr ptr = Marshal.SecureStringToGlobalAllocAnsi(secure);
- IntPtr lib = LoadLibrary(ptr);
- if(Equals(lib, IntPtr.Zero) )
- {
- throw new Exception("Couldn't load library");
- }
- Marshal.ZeroFreeGlobalAllocAnsi(ptr);
- return lib;
- }
- static IntPtr GetProcAddressSecure(IntPtr lib, SecureString secure )
- {
- IntPtr ptr = Marshal.SecureStringToGlobalAllocAnsi(secure);
- IntPtr func = GetProcAddress(lib, ptr);
- if(Equals(func, IntPtr.Zero))
- {
- throw new Exception("Couldn't find procedure");
- }
- Marshal.ZeroFreeGlobalAllocAnsi(ptr);
- return func;
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement