News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

Msgbox Shellcode

Started by AssemblyBeginner, February 11, 2015, 04:48:36 AM

Previous topic - Next topic

AssemblyBeginner

Hi all,

The code below runs a Msgbox based on a byte populated with some Hex values (shellcode)
My question is how/from where do we obtain the MsgBox API shellcode Hex values ? Is there a tool in the MASM qEditor that does that or is it done in some other way ?

include \masm32\include\masm32rt.inc


.data
szCaption db "MessageBox title",0
szMessage db "My message",0
msgBox db 55h,8Bh,0ECh,0FFh,75h,14h,0FFh,75h,10h,0FFh,75h,0Ch,0FFh,75h,08h,0FFh,15h,10h,20h,40h,00h,0C9h,0C3h

.data?
pMem dd ?
buffer dd 12 dup (?)

.code
start:
invoke GlobalAlloc,GMEM_FIXED,32
mov pMem, eax
mov ecx, LENGTHOF msgBox
mov esi, OFFSET msgBox
mov edi, pMem
rep movsb

push 0 ;OK button
push offset szCaption ;Messagebox title
push offset szMessage ;Messagebox message
push 0 ;Owner
call pMem

invoke GlobalFree,pMem
invoke ExitProcess,0

mov eax, MessageBox ;to get "MessageBoxA" into the import table

end start

Vortex

Shellcode, isn't it against the forum rules?

AssemblyBeginner

If shellcode is against the forum rules then I would like to apologise .. I just wanted to know the relationship between ASM and Shellcoding as I often see them together in many code snippets on the internet

dedndave

well - it can be used maliciously - so we don't generally discuss it

as Jochen (jj2007) and others mentioned, there are cleaner ways to do it, anyways