When your question is answered use !solved to mark the question as resolved.
Remember to ask specific questions, provide necessary details, and reduce your question to its simplest form. For tips on how to ask a good question use !howto ask.
#Executing binary code
crimson ravineBOT
unkempt tide
Code of file trying to execute code
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
unsigned char code[] =
"\x68\x0b\x30\x40\x00"
"\x68\x00\x30\x40\x00"
"\xe8\x0d\x00\x00\x00"
"\xe8\x00\x00\x00\x00"
"\xff\x25\x08\x20\x40\x00"
"\xff\x25\x08\x20\x40\x00";
int main()
{
void *exec = VirtualAlloc(0, sizeof(code), MEM_COMMIT, PAGE_EXECUTE_READWRITE);
if (exec == NULL) {
perror("VirtualAlloc failed");
return 1;
}
memcpy(exec, code, sizeof(code));
((void(*)())exec)();
VirtualFree(exec, 0, MEM_RELEASE);
return 0;
}
MASM file from which i got binary code
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
include \masm32\include\masm32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\masm32.lib
.data
caption db "Calculator",0
message db "Hello, I opened Calculator!",0
.code
start:
; Show message box
push offset message
push offset caption
push 0
call MessageBoxA
; Exit process
invoke ExitProcess, 0
end start
which in objdump got
file.exe: file format pei-i386
Disassembly of section .text:
00401000 <.text>:
401000: 68 0b 30 40 00 push $0x40300b
401005: 68 00 30 40 00 push $0x403000
40100a: 6a 00 push $0x0
40100c: e8 0d 00 00 00 call 0x40101e
401011: 6a 00 push $0x0
401013: e8 00 00 00 00 call 0x401018
401018: ff 25 00 20 40 00 jmp *0x402000
40101e: ff 25 08 20 40 00 jmp *0x402008
@unkempt tide