Personal commit

app/src/main.rs

@@ -0,0 +1,57 @@
+extern crate core;
+
+use core::{ffi::c_void, mem, ptr};
+use shellcode_util::{get_module_handle_from_peb, get_procedure_from_edt};
+use utf16_lit::utf16;
+use windows_sys::{
+    core::PCSTR,
+    Win32::Foundation::{BOOL, HANDLE, HMODULE, HWND},
+};
+
+type Result<T> = std::result::Result<T, Box<dyn std::error::Error>>;
+
+fn main() -> Result<()> {
+    unsafe { shellcode() }
+    Ok(())
+}
+
+unsafe fn shellcode() {
+    // Initial Imports
+    let kernel32 = get_module_handle_from_peb(&utf16!("KERNEL32.DLL")).unwrap();
+    let LoadLibraryA: extern "system" fn(PCSTR) -> HMODULE =
+        get_procedure_from_edt(kernel32, "LoadLibraryA\0").unwrap();
+    let GetProcAddress: extern "system" fn(HMODULE, PCSTR) -> *const () =
+        get_procedure_from_edt(kernel32, "GetProcAddress\0").unwrap();
+
+    // Console output
+    let GetStdHandle: extern "system" fn(u32) -> HANDLE =
+        mem::transmute(GetProcAddress(kernel32, "GetStdHandle\0".as_ptr()));
+    let output_handle = GetStdHandle(u32::MAX - 11);
+    let WriteConsoleA: extern "system" fn(HANDLE, PCSTR, u32, *mut u32, *mut c_void) -> BOOL =
+        mem::transmute(GetProcAddress(kernel32, "WriteConsoleA\0".as_ptr()));
+
+    let text = "Hello from Console!\n\0";
+    WriteConsoleA(
+        output_handle,
+        text.as_ptr(),
+        text.len() as u32,
+        ptr::null_mut(),
+        ptr::null_mut(),
+    );
+
+    // Messagebox
+    let user32 = LoadLibraryA("user32.dll\0".as_ptr());
+    let MessageBoxA: extern "system" fn(HWND, PCSTR, PCSTR, u32) -> i32 =
+        mem::transmute(GetProcAddress(user32, "MessageBoxA\0".as_ptr()));
+
+    let text = "Hello World!\0";
+    MessageBoxA(ptr::null_mut(), text.as_ptr(), text.as_ptr(), 0);
+
+    let text = "Bye World\0";
+    MessageBoxA(ptr::null_mut(), text.as_ptr(), text.as_ptr(), 0);
+
+    // Exit
+    let ExitProcess: extern "system" fn(u32) =
+        mem::transmute(GetProcAddress(kernel32, "ExitProcess\0".as_ptr()));
+    ExitProcess(5);
+}