Created
May 20, 2016 06:46
FrameScript__Execute example by Saridormi @ Ownedcore
using System; | |
using System.Diagnostics; | |
using System.Linq; | |
using System.Text; | |
using Binarysharp.MemoryManagement; | |
using Binarysharp.MemoryManagement.Memory; | |
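namespace LuaExecPOC
{
    /// <summary>
    /// Console proof of concept that attaches to a process chosen by name and,
    /// for each line typed, copies that line into memory allocated inside the
    /// target and runs a small assembled stub there which calls a fixed address
    /// with the buffer as its argument.
    /// </summary>
    /// <remarks>
    /// This is the allocate / write / execute-in-another-process sequence that
    /// endpoint and anti-tamper tooling monitors for. It needs a process handle
    /// with memory-write and thread-creation rights on the target, which is why
    /// failures are commonly privilege related.
    /// </remarks>
    class Program
    {
        /// <summary>
        /// Prompts for a process name until a running match is found, then reads
        /// lines from standard input and executes each one in the target process.
        /// Returns when standard input is closed.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            Process process = null;
            while (process == null)
            {
                Console.Write("Enter process name: ");
                string processName = Console.ReadLine();

                // ReadLine returns null once stdin is closed; stop instead of
                // re-prompting forever.
                if (processName == null)
                {
                    return;
                }

                // Process names are identifiers, so compare ordinally rather than
                // with culture-sensitive casing rules.
                process = Process.GetProcesses().FirstOrDefault(
                    x => string.Equals(x.ProcessName, processName, StringComparison.OrdinalIgnoreCase));

                if (process == null)
                {
                    Console.WriteLine("Process not found.");
                }
            }

            try
            {
                // Dispose the MemorySharp instance so the handle to the target is
                // released when the session ends.
                using (var wow = new MemorySharp(process))
                {
                    while (true)
                    {
                        Console.Write("Enter Lua to execute: ");
                        string lua = Console.ReadLine();

                        // End of input: leave rather than spin on the prompt.
                        if (lua == null)
                        {
                            return;
                        }

                        // Nothing to run; do not allocate in the target for it.
                        if (lua.Length == 0)
                        {
                            continue;
                        }

                        // One byte per character plus the terminator. Encoding.ASCII
                        // replaces any non-ASCII character with '?', so the size
                        // holds but such input is altered before it is written.
                        //
                        // Freeing the region after each call keeps the target from
                        // accumulating one leaked allocation per command.
                        // NOTE(review): assumes the called routine does not keep the
                        // pointer after it returns - confirm before relying on this.
                        using (RemoteAllocation codeCave = wow.Memory.Allocate(lua.Length + 0x1))
                        {
                            codeCave.WriteString(lua, Encoding.ASCII);

                            // The call target is a hard-coded absolute address taken
                            // as-is from the original listing. It is only meaningful
                            // for the one client build it was read from; against any
                            // other build or process the call lands on unrelated code
                            // and will most likely crash the target.
                            wow.Assembly.InjectAndExecute(new[]
                            {
                                "mov eax, 0",
                                "mov ecx, " + codeCave.BaseAddress,
                                "mov edx, " + codeCave.BaseAddress,
                                "call 0x704cd0",
                                "retn"
                            });
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                // The privilege hint is only a guess; the full exception is printed
                // below because the real cause may be something else entirely.
                Console.WriteLine("An exception has occurred. You're probably not running as Administrator.");
                Console.WriteLine();
                Console.WriteLine(ex);
            }
        }
    }
}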