-
-
Notifications
You must be signed in to change notification settings - Fork 198
/
Copy pathd_tiny-ld.asm
80 lines (63 loc) · 1.22 KB
/
d_tiny-ld.asm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
; tiny.dll static loader
; Ange Albertini, BSD LICENCE 2012-2013
%include 'consts.inc'
%include 'headers.inc'
%include 'dd_imports.inc'
%include 'section_1fa.inc'
EntryPoint:
push LOAD_LIBRARY_AS_DATAFILE
push 0
push dll.dll
call [__imp__LoadLibraryExA]
_
and eax, 0ffff0000h
add eax, 6
push eax
call [__imp__printf]
_
add esp, 1 * 4
push 0
call [__imp__ExitProcess]
_c
dll.dll db 'd_tiny.dll', 0
_d
Import_Descriptor:
_import_descriptor kernel32.dll
_import_descriptor msvcrt.dll
istruc IMAGE_IMPORT_DESCRIPTOR
iend
_d
kernel32.dll_hintnames:
dd hnExitProcess - IMAGEBASE
dd hnLoadLibraryExA - IMAGEBASE
dd 0
_d
msvcrt.dll_hintnames:
dd hnprintf - IMAGEBASE
dd 0
hnExitProcess:
dw 0
db 'ExitProcess', 0
_d
hnLoadLibraryExA:
dw 0
db 'LoadLibraryExA', 0
_d
hnprintf:
dw 0
db 'printf', 0
kernel32.dll_iat:
__imp__ExitProcess:
dd hnExitProcess - IMAGEBASE
__imp__LoadLibraryExA:
dd hnLoadLibraryExA - IMAGEBASE
dd 0
_d
msvcrt.dll_iat:
__imp__printf:
dd hnprintf - IMAGEBASE
dd 0
kernel32.dll db 'kernel32.dll', 0
msvcrt.dll db 'msvcrt.dll', 0
_d
align FILEALIGN, db 0