├── .gitignore
├── RunShellcode.cpp
├── RunShellcode.sln
├── RunShellcode.vcxproj
├── stdafx.cpp
├── stdafx.h
└── targetver.h


/.gitignore:
--------------------------------------------------------------------------------
1 | RunShellcode.vcxproj.filters
2 | RunShellcode.vcxproj.user
3 | ReadMe.txt
4 | .vs/
5 | Debug/
6 | 


--------------------------------------------------------------------------------
/RunShellcode.cpp:
--------------------------------------------------------------------------------
  1 | // InjectShellcode.cpp : Defines the entry point for the console application.
  2 | //
  3 | 
  4 | #include "stdafx.h"
  5 | #include <Windows.h>
  6 | #include <tchar.h>
  7 | #include <stdio.h>
  8 | #include <strsafe.h>
  9 | 
 10 | #define BUFFERSIZE 1024
 11 | 
 12 | void display_error(LPTSTR lpszFunction)
 13 | {
 14 |     LPVOID lp_message_buffer;
 15 |     LPVOID lp_display_buffer;
 16 |     DWORD dw = GetLastError();
 17 | 
 18 |     FormatMessage(
 19 |         FORMAT_MESSAGE_ALLOCATE_BUFFER |
 20 |         FORMAT_MESSAGE_FROM_SYSTEM |
 21 |         FORMAT_MESSAGE_IGNORE_INSERTS,
 22 |         NULL,
 23 |         dw,
 24 |         MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
 25 |         (LPTSTR)&lp_message_buffer,
 26 |         0,
 27 |         NULL);
 28 | 
 29 |     lp_display_buffer =
 30 |         (LPVOID)LocalAlloc(LMEM_ZEROINIT,
 31 |         (lstrlen((LPCTSTR)lp_message_buffer)
 32 |             + lstrlen((LPCTSTR)lpszFunction)
 33 |             + 40) // account for format string
 34 |             * sizeof(TCHAR));
 35 | 
 36 |     if (FAILED(StringCchPrintf((LPTSTR)lp_display_buffer,
 37 |         LocalSize(lp_display_buffer) / sizeof(TCHAR),
 38 |         TEXT("%s failed with error code %d as follows:\n%s"),
 39 |         lpszFunction,
 40 |         dw,
 41 |         lp_message_buffer)))
 42 |     {
 43 |         printf("FATAL ERROR: Unable to output error code.\n");
 44 |     }
 45 | 
 46 |     _tprintf(TEXT("ERROR: %s\n"), (LPCTSTR)lp_display_buffer);
 47 | 
 48 |     LocalFree(lp_message_buffer);
 49 |     LocalFree(lp_display_buffer);
 50 | }
 51 | 
 52 | int wmain(int argc, WCHAR *argv[])
 53 | {
 54 |     if (argc < 2)
 55 |     {
 56 |         printf("Usage: %s <shellcode file>", argv[0]);
 57 |         exit(0);
 58 |     }
 59 | 
 60 |     printf("Opening %S\n", argv[1]);
 61 |     HANDLE file_handle = CreateFile(
 62 |         argv[1],               // file to open
 63 |         GENERIC_READ,          // open for reading
 64 |         FILE_SHARE_READ,       // share for reading
 65 |         NULL,                  // default security
 66 |         OPEN_EXISTING,         // existing file only
 67 |         FILE_ATTRIBUTE_NORMAL, // normal file
 68 |         NULL);                 // no attr. template
 69 | 
 70 |     if (file_handle == INVALID_HANDLE_VALUE)
 71 |     {
 72 |         display_error(TEXT("CreateFile"));
 73 |         _tprintf(TEXT("Terminal failure: unable to open file \"%s\" for read.\n"), argv[1]);
 74 |         return -1;
 75 |     }
 76 | 
 77 |     LARGE_INTEGER file_size;
 78 |     GetFileSizeEx(file_handle, &file_size);
 79 | 
 80 |     DWORD shellcodeSize = file_size.LowPart;
 81 | 
 82 |     BYTE *p_shellcode_buffer = reinterpret_cast<BYTE*>(VirtualAlloc(NULL, shellcodeSize, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE));
 83 | 
 84 |     if (!p_shellcode_buffer)
 85 |     {
 86 |         printf("Failed to allocate %d\n", shellcodeSize);
 87 |         return -1;
 88 |     }
 89 | 
 90 |     printf("Allocated %d bytes at @%p\n", shellcodeSize, p_shellcode_buffer);
 91 | 
 92 |     DWORD read_bytes;
 93 |     DWORD offset = 0;
 94 |     char ReadBuffer[BUFFERSIZE] = { 0 };
 95 |     while (ReadFile(file_handle, ReadBuffer, BUFFERSIZE - 1, &read_bytes, NULL) == TRUE && read_bytes>0)
 96 |     {
 97 |         memcpy(p_shellcode_buffer + offset, reinterpret_cast<BYTE*>(ReadBuffer), read_bytes);
 98 |         offset += read_bytes;
 99 |     }
100 | 
101 |     printf("Read %d bytes\n", offset);
102 |     int(*shellcode_ptr)() = (int(__cdecl *)(void))p_shellcode_buffer;
103 | 
104 |     printf("Calling function pointer: %p\n", shellcode_ptr);
105 | 
106 |     _asm {
107 |         int 3;
108 |     }
109 |     shellcode_ptr();
110 |     return 0;
111 | }
112 | 


--------------------------------------------------------------------------------
/RunShellcode.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.29318.209
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "RunShellcode", "RunShellcode.vcxproj", "{23D97E8B-F10D-47F3-9730-53638E25A501}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Debug|x64.Build.0 = Debug|x64
18 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Debug|x86.Build.0 = Debug|Win32
20 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Release|x64.ActiveCfg = Release|x64
21 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Release|x64.Build.0 = Release|x64
22 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Release|x86.ActiveCfg = Release|Win32
23 | 		{23D97E8B-F10D-47F3-9730-53638E25A501}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {052CD4D6-7749-47F0-864C-CF20F1A03208}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/RunShellcode.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <ProjectGuid>{23D97E8B-F10D-47F3-9730-53638E25A501}</ProjectGuid>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <RootNamespace>RunShellcode</RootNamespace>
 25 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 26 |   </PropertyGroup>
 27 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 28 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 29 |     <ConfigurationType>Application</ConfigurationType>
 30 |     <UseDebugLibraries>true</UseDebugLibraries>
 31 |     <PlatformToolset>v142</PlatformToolset>
 32 |     <CharacterSet>Unicode</CharacterSet>
 33 |   </PropertyGroup>
 34 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 35 |     <ConfigurationType>Application</ConfigurationType>
 36 |     <UseDebugLibraries>false</UseDebugLibraries>
 37 |     <PlatformToolset>v142</PlatformToolset>
 38 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 39 |     <CharacterSet>Unicode</CharacterSet>
 40 |   </PropertyGroup>
 41 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 42 |     <ConfigurationType>Application</ConfigurationType>
 43 |     <UseDebugLibraries>true</UseDebugLibraries>
 44 |     <PlatformToolset>v142</PlatformToolset>
 45 |     <CharacterSet>Unicode</CharacterSet>
 46 |   </PropertyGroup>
 47 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 48 |     <ConfigurationType>Application</ConfigurationType>
 49 |     <UseDebugLibraries>false</UseDebugLibraries>
 50 |     <PlatformToolset>v142</PlatformToolset>
 51 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 52 |     <CharacterSet>Unicode</CharacterSet>
 53 |   </PropertyGroup>
 54 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 55 |   <ImportGroup Label="ExtensionSettings">
 56 |   </ImportGroup>
 57 |   <ImportGroup Label="Shared">
 58 |   </ImportGroup>
 59 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 60 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 61 |   </ImportGroup>
 62 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 63 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 64 |   </ImportGroup>
 65 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 66 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 67 |   </ImportGroup>
 68 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 69 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 70 |   </ImportGroup>
 71 |   <PropertyGroup Label="UserMacros" />
 72 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 73 |     <LinkIncremental>true</LinkIncremental>
 74 |   </PropertyGroup>
 75 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 76 |     <LinkIncremental>true</LinkIncremental>
 77 |   </PropertyGroup>
 78 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 79 |     <LinkIncremental>false</LinkIncremental>
 80 |   </PropertyGroup>
 81 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 82 |     <LinkIncremental>false</LinkIncremental>
 83 |   </PropertyGroup>
 84 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 85 |     <ClCompile>
 86 |       <PrecompiledHeader>Use</PrecompiledHeader>
 87 |       <WarningLevel>Level3</WarningLevel>
 88 |       <Optimization>Disabled</Optimization>
 89 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 90 |       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
 91 |     </ClCompile>
 92 |     <Link>
 93 |       <SubSystem>Console</SubSystem>
 94 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 95 |     </Link>
 96 |   </ItemDefinitionGroup>
 97 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 98 |     <ClCompile>
 99 |       <PrecompiledHeader>Use</PrecompiledHeader>
100 |       <WarningLevel>Level3</WarningLevel>
101 |       <Optimization>Disabled</Optimization>
102 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
103 |     </ClCompile>
104 |     <Link>
105 |       <SubSystem>Console</SubSystem>
106 |       <GenerateDebugInformation>true</GenerateDebugInformation>
107 |     </Link>
108 |   </ItemDefinitionGroup>
109 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
110 |     <ClCompile>
111 |       <WarningLevel>Level3</WarningLevel>
112 |       <PrecompiledHeader>Use</PrecompiledHeader>
113 |       <Optimization>MaxSpeed</Optimization>
114 |       <FunctionLevelLinking>true</FunctionLevelLinking>
115 |       <IntrinsicFunctions>true</IntrinsicFunctions>
116 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
117 |       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
118 |     </ClCompile>
119 |     <Link>
120 |       <SubSystem>Console</SubSystem>
121 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
122 |       <OptimizeReferences>true</OptimizeReferences>
123 |       <GenerateDebugInformation>true</GenerateDebugInformation>
124 |     </Link>
125 |   </ItemDefinitionGroup>
126 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
127 |     <ClCompile>
128 |       <WarningLevel>Level3</WarningLevel>
129 |       <PrecompiledHeader>Use</PrecompiledHeader>
130 |       <Optimization>MaxSpeed</Optimization>
131 |       <FunctionLevelLinking>true</FunctionLevelLinking>
132 |       <IntrinsicFunctions>true</IntrinsicFunctions>
133 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
134 |     </ClCompile>
135 |     <Link>
136 |       <SubSystem>Console</SubSystem>
137 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
138 |       <OptimizeReferences>true</OptimizeReferences>
139 |       <GenerateDebugInformation>true</GenerateDebugInformation>
140 |     </Link>
141 |   </ItemDefinitionGroup>
142 |   <ItemGroup>
143 |     <Text Include="ReadMe.txt" />
144 |   </ItemGroup>
145 |   <ItemGroup>
146 |     <ClInclude Include="stdafx.h" />
147 |     <ClInclude Include="targetver.h" />
148 |   </ItemGroup>
149 |   <ItemGroup>
150 |     <ClCompile Include="RunShellcode.cpp" />
151 |     <ClCompile Include="stdafx.cpp">
152 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
153 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
154 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
155 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
156 |     </ClCompile>
157 |   </ItemGroup>
158 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
159 |   <ImportGroup Label="ExtensionTargets">
160 |   </ImportGroup>
161 | </Project>


--------------------------------------------------------------------------------
/stdafx.cpp:
--------------------------------------------------------------------------------
1 | // stdafx.cpp : source file that includes just the standard includes
2 | // RunShellcode.pch will be the pre-compiled header
3 | // stdafx.obj will contain the pre-compiled type information
4 | 
5 | #include "stdafx.h"
6 | 
7 | // TODO: reference any additional headers you need in STDAFX.H
8 | // and not in this file
9 | 


--------------------------------------------------------------------------------
/stdafx.h:
--------------------------------------------------------------------------------
 1 | // stdafx.h : include file for standard system include files,
 2 | // or project specific include files that are used frequently, but
 3 | // are changed infrequently
 4 | //
 5 | 
 6 | #pragma once
 7 | 
 8 | #include "targetver.h"
 9 | 
10 | #include <stdio.h>
11 | #include <tchar.h>
12 | 
13 | 
14 | 
15 | // TODO: reference additional headers your program requires here
16 | 


--------------------------------------------------------------------------------
/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | 
3 | // Including SDKDDKVer.h defines the highest available Windows platform.
4 | 
5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
7 | 
8 | #include <SDKDDKVer.h>
9 | 


--------------------------------------------------------------------------------