Shellcode Loader

Abusing callback to run shellcode.

Overview

Eksekusi shellcode dengan CryptDecodeMessage.

BOOL CryptDecodeMessage (DWORD dwMsgTypeFlags, PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara, PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex, const BYTE *pbEncodedBlob, DWORD cbEncodedBlob, DWORD dwPrevInnerContentType, DWORD *pdwMsgType, DWORD *pdwInnerContentType, BYTE *pbDecoded, DWORD *pcbDecoded, PCCERT_CONTEXT *ppXchgCert, PCCERT_CONTEXT *ppSignerCert);

Reference

MSDN CryptDecodeMessage
MSDN structure CRYPT_VERIFY_MESSAGE_PARA

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Shellcode Loader

Overview

Reference

FilesExpand file tree

README.md

Latest commit

History

README.md

File metadata and controls

Shellcode Loader

Overview

Reference