Shellcode Loader

Abusing callback to run shellcode.

Overview

Eksekusi shellcode dengan CertFindChainInStore.

PCCERT_CHAIN_CONTEXT CertFindChainInStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCERT_CHAIN_CONTEXT pPrevChainContext);

HCERTSTORE CertOpenStore (LPCSTR lpszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara);

HCERTSTORE CertOpenSystemStoreA (HCRYPTPROV_LEGACY hProv, LPCSTR szSubsystemProtocol);

HCERTSTORE CertOpenSystemStoreW (HCRYPTPROV_LEGACY hProv, LPCWSTR szSubsystemProtocol);

Reference

MSDN CertFindChainInStore
MSDN CertOpenStore
MSDN CertOpenSystemStoreA
MSDN CertOpenSystemStoreW

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Shellcode Loader

Overview

Reference

FilesExpand file tree

README.md

Latest commit

History

README.md

File metadata and controls

Shellcode Loader

Overview

Reference