If you want to take a happy little journey through PEB structs, PE headers and the kernel32.dll Export Table to spawn some "calc.exe" on x64 using Assembly, here it is.
📚 What you will learn:
— Manually locating WinAPI functions with Assembly;
— PEB Structure and PEB_LDR_DATA;
— PE File Structure;
— Relative Virtual Address calculation;
— Export Address Table (EAT);
— Windows x64 calling convention in practice;
— Writing in Assembly like a real Giga-Chad...
🔗 Source:
https://print3m.github.io/blog/x64-winapi-shellcoding
#maldev #winapi #x64 #shellcode #assembly