File tree 1 file changed +20
-0
lines changed
1 file changed +20
-0
lines changed Original file line number Diff line number Diff line change @@ -28,6 +28,22 @@ cpp.LoadWithKernel32();//or cpp.LoadWithNT();
2828cpp.Dispose();
2929```
3030
31+ MapView:
32+
33+ ```
34+ ShellCodeLoader.MapView cpp = new ShellCodeLoader.MapView(PayloadCpp64.rawData);
35+ cpp.LoadWithNtMapView();
36+ cpp.Dispose();
37+ ```
38+
39+ MapView with target:
40+
41+ ```
42+ ShellCodeLoader.MapView cpp = new ShellCodeLoader.MapView(Target, PayloadCpp64.rawData);
43+ cpp.LoadWithNtMapView();
44+ cpp.Dispose();
45+ ```
46+
3147Includes :
3248
3349* Asynchronous (a simple Task.Run to not block main thread)
@@ -38,6 +54,8 @@ Includes :
3854* NtDll : NtProtectVirtualMemory
3955* NtDll : NtFreeVirtualMemory
4056* NtDll : NtCreateThreadEx
57+ * NtDll : NtCreateSection
58+ * NtDll : NtMapViewOfSection
4159* Kernel32 : GetCurrentProcess
4260* Kernel32 : VirtualAlloc
4361* Kernel32 : VirtualAllocEx
@@ -51,6 +69,8 @@ Includes :
5169* Enumeration : PageProtection
5270* Enumeration : TypeAlloc
5371* Enumeration: FreeType
72+ * Enumeration : SectionAccess
73+ * Enumeration : MappingAttributes
5474* Delegates : all functions have been written with delegate style except GetModuleHandle and GetProcAddress
5575
5676TODO :
You can’t perform that action at this time.
0 commit comments