Per request, I release my assembly code I’ve used in my previous blogposts to display a message box when the injected shellcode gets executed. It’s nothing special, but it will save you some time when you need a similar program.
Assemble the code with nasm like this:
nasm -o sc-mba-hello.bin sc-mba-hello.asm
I use the DLL locating code published in The Shellcoder’s Handbook, you can find it in the include file sc-api-functions.asm. MessageBoxA is located in user32.dll, this dll has to be loaded in the process you’re injecting with sc-mba-hello.
sc-ods.asm is a similar program, calling OutputDebugStringA in stead of MessageBoxA.
Download:
my-shellcode_v0_0_1.zip (https)
MD5: F215B29BA3C8F24CFBA5C24BED65B68A
SHA256: EA1DB8028954CEB18B8AD2EB37CA6BA0CD7CDC6B9A64F10561382152701C013F
The shellcode:
Didier Stevens 
Leave a Reply (comments are moderated)