NtRaiseHardError
/ imagine-needing-writeprocessmemory-and-createremotethread.c
Last active
June 28, 2022 15:47
Process injection without WriteProcessMemory or CreateRemoteThread/QueueUserApc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| // example shellcode | |
| // make sure to have 8 reserved bytes for 64-bit ret | |
| // gadget to rop into the actual shellcode | |
| CHAR shellcode[] = { | |
| // 8 bytes here for jmp loop gadget | |
| 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, | |
| // actual shellcode starts here | |
| 0xEB, 0xFE, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAA, |
NtRaiseHardError
/ ClipboardMonitor.c
Last active
May 31, 2020 07:13
PoC code to demonstrate clipboard monitoring in Windows using an event-based listener.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // PoC code to demonstrate clipboard monitoring in Windows | |
| // using an event-based listener. | |
| #include <stdio.h> | |
| #include <Windows.h> | |
| #define CLASS_NAME L"MY_CLASS" | |
| #define WINDOW_NAME L"MY_WINDOW" | |
| LRESULT CALLBACK WindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) { | |
| HANDLE hClipData = NULL; |