You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

54 lines
1.0 KiB

#include <Windows.h>
#include <stdio.h>
#include "NativeCode.h"
#include "RipXorInst.h"
#include "RipMovInst.h"
UCHAR TestBuffer[]{
0x48, 0x33, 0xC0,
0x48, 0x33, 0xC0,
0xEB, 0x0E,
0x48, 0x33, 0xC0,
0x48, 0x33, 0xC0,
0x7E, 0x06,
0x48, 0x33, 0xC0,
0x48, 0x33, 0xC0,
0x48, 0x33, 0xC0,
0x48, 0x33, 0xC0,
0xEB, 0xF8,
0x50,
0x48, 0xB8, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0F,
0x48, 0x87, 0x04, 0x24,
0xC3,
};
ULONG TestBufferSize = sizeof(TestBuffer);
int main()
{
NATIVE_CODE_BLOCK Block;
XedTablesInit();
NcDisassemble(&Block, TestBuffer, TestBufferSize);
NcDebugPrint(&Block);
NATIVE_CODE_LINK T;
T.RawDataSize = 10;
T.RawData = new UCHAR[10];
memset(T.RawData, 0xAA, 10);
XOR_INST_DATA Data;
RtlSecureZeroMemory(&Data, sizeof(XOR_INST_DATA));
PNATIVE_CODE_BLOCK NewBlock = ObfEmitPreMovForInst(&T);
if (NewBlock)
{
printf("\n");
NcDebugPrint(NewBlock);
printf("\n");
NcPrintBlockCode(NewBlock);
}
//PNATIVE_CODE_LINK temp = new NATIVE_CODE_LINK("Hello");
system("pause");
}