D4stiny / ThreadJect

Manual DLL Injector using Thread Hijacking.
MIT License
225 stars, 51 forks

x64? #2

Closed adspro closed 6 years ago

adspro commented 6 years ago

What is shellcode to x64?

D4stiny commented 6 years ago

Hi there, this project was meant to be a reference for programmers looking to get into DLL injection. The current shellcode is for x86, and is incompatible with x64 as you may have noticed. In order to make your own x64 shellcode, you can decompile the current one by using a disassembler to understand how the shellcode works, and recreate the shellcode using x64 registers. At this time, you're going to have to do this yourself.

hrt commented 5 years ago

Hi @D4stiny, it would be nice to see some comments for the x86 shellcode.

I might be doing something wrong here, but I get an invalid instruction at the start: (screenshot)

D4stiny commented 5 years ago

Hi @hrt,

I'll consider making comments, but originally I thought it unnecessary as a proof of concept and because it is so short. I placed my shellcode into this online disassembler and got the following disassembly:

0:  60                      pusha
1:  e8 00 00 00 00          call   0x6
6:  5b                      pop    ebx
7:  81 eb 06 00 00 00       sub    ebx,0x6
d:  b8 cc cc cc cc          mov    eax,0xcccccccc
12: ba cc cc cc cc          mov    edx,0xcccccccc
17: 52                      push   edx
18: ff d0                   call   eax
1a: 61                      popa
1b: 68 cc cc cc cc          push   0xcccccccc
20: c3                      ret

The start instruction just pushes "all general-purpose registers"; you can read more about it here. I'm not sure about Cheat Engine's disassembler, but I can confirm it is valid assembly, otherwise the program would not work. Let me know if you have any other questions.

Bill Demirkapi
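As an added example from an analyst's side (not part of this thread or of the ThreadJect code): a small Python scanner that recognises the 33-byte stub disassembled above in a memory buffer, wildcarding the three 0xCC placeholders the injector patches, and reports the values they were patched with (the address called through eax, the single argument pushed from edx, and the address the stub returns to after popa). The sample dump and every address in it are constructed for the demonstration.

```python
import struct

# Byte layout of the 33-byte x86 stub from the disassembly above.
# None marks a wildcard byte: the injector overwrites the 0xCC placeholders
# with real values before the hijacked thread executes the stub.
STUB_PATTERN = (
    [0x60]                                   # 00: pusha
    + [0xE8, 0x00, 0x00, 0x00, 0x00]         # 01: call $+5 (next instruction)
    + [0x5B]                                 # 06: pop ebx   (ebx = address of 06)
    + [0x81, 0xEB, 0x06, 0x00, 0x00, 0x00]   # 07: sub ebx, 6 (ebx = stub base)
    + [0xB8] + [None] * 4                    # 0d: mov eax, <function address>
    + [0xBA] + [None] * 4                    # 12: mov edx, <argument>
    + [0x52]                                 # 17: push edx
    + [0xFF, 0xD0]                           # 18: call eax
    + [0x61]                                 # 1a: popa
    + [0x68] + [None] * 4                    # 1b: push <original return address>
    + [0xC3]                                 # 20: ret (resume the hijacked thread)
)
STUB_LEN = len(STUB_PATTERN)                   # 0x21 bytes
FUNC_OFF, ARG_OFF, RET_OFF = 0x0E, 0x13, 0x1C  # offsets of the three imm32s


def scan_for_stub(buf: bytes, base: int = 0):
    """Return (address, function, argument, return_address) for each match."""
    hits = []
    for i in range(len(buf) - STUB_LEN + 1):
        window = buf[i:i + STUB_LEN]
        if all(p is None or p == b for p, b in zip(STUB_PATTERN, window)):
            func = struct.unpack_from("<I", buf, i + FUNC_OFF)[0]
            arg = struct.unpack_from("<I", buf, i + ARG_OFF)[0]
            ret = struct.unpack_from("<I", buf, i + RET_OFF)[0]
            hits.append((base + i, func, arg, ret))
    return hits


# Constructed sample "memory dump": four NOPs, the stub with its placeholders
# filled in (hypothetical addresses), then two stray 0xCC bytes.
SAMPLE_DUMP = bytes.fromhex(
    "90909090"
    "60" "e800000000" "5b" "81eb06000000"
    "b8" "a0f8a076"      # eax = 0x76A0F8A0 (hypothetical function address)
    "ba" "00004100"      # edx = 0x00410000 (hypothetical argument pointer)
    "52" "ffd0" "61"
    "68" "500fb177"      # return to 0x77B10F50 (hypothetical original EIP)
    "c3" "cccc"
)

if __name__ == "__main__":
    for addr, func, arg, ret in scan_for_stub(SAMPLE_DUMP, base=0x1000):
        print(f"stub at {addr:#010x}: calls {func:#010x}({arg:#010x}), "
              f"then resumes at {ret:#010x}")
```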

hrt commented 5 years ago

Thanks for the quick and useful response. I scrolled through some memory of a 32-bit application and this "invalid" instruction appears, so it should be fine.