Didier Stevens

Tuesday 16 February 2010

MemoryLoadLibrary: From C Program to Shellcode

Filed under: Hacking,My Software,Shellcode — Didier Stevens @ 0:40

The DLL-loading shellcode I used in my cmd.xls spreadsheet was generated with a method I worked out to generate WIN32 shellcode with a C-compiler. You can find it on my new Shellcode page.

With this release, I provide you with all the tools you need to build your own version of cmd.xls:

3 Comments »

  1. [...] of the graphics. I took Solitaire from ReactOS, turned it into a DLL and embedded it with my memory loading shellcode into Excel macros (the same technique as I developed for cmd.dll and regedit.dll). I imagine that a [...]

    Pingback by Frisky Solitaire – Another Info Stealer « Didier Stevens — Tuesday 9 March 2010 @ 0:01

  2. Hi,
    Thank you for sharing this.
    i have qustion, how can i replace the dll in ShellCodeMemoryModule.exe.bin with cmd.dll?

    Comment by Anonymous — Tuesday 20 April 2010 @ 15:47

  3. @Anonymous You’ll notice that the DLL is just appended to the shellcode (when you open the file with a hex editor). Just replace the bytes of the DLL with your own DLL.

    Comment by Didier Stevens — Monday 26 April 2010 @ 9:17


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 236 other followers

%d bloggers like this: