Optimize assembly payloads
parent
851ebb5b9a
commit
33f7dd89a9
@ -18,8 +18,7 @@ main: ; Replacement entry point
|
||||
|
||||
mov rcx, rsi ; kernel32.dll
|
||||
lea rdx, [rel s_LoadLibraryA]
|
||||
mov rax, rdi ; *GetProcAddress
|
||||
call rax ; rax = *LoadLibraryA
|
||||
call rdi ; rax = *LoadLibraryA
|
||||
|
||||
lea rcx, [rel dllPath]
|
||||
call rax ; LoadLibraryA(dllPath)
|
||||
@ -27,8 +26,7 @@ main: ; Replacement entry point
|
||||
|
||||
mov rcx, rsi ; kernel32.dll
|
||||
lea rdx, [rel s_GetModuleHandleA]
|
||||
mov rax, rdi ; *GetProcAddress
|
||||
call rax ; rax = *GetModuleHandle
|
||||
call rdi ; rax = *GetModuleHandle
|
||||
mov r12, rax
|
||||
|
||||
mov rcx, 0
|
||||
@ -37,21 +35,18 @@ main: ; Replacement entry point
|
||||
|
||||
mov rcx, rsi ; kernel32.dll
|
||||
lea rdx, [rel s_GetCommandLineW]
|
||||
mov rax, rdi ; *GetProcAddress
|
||||
call rax ; rax = *GetCommandLineW
|
||||
call rdi ; rax = *GetCommandLineW
|
||||
|
||||
call rax ; rax = command line
|
||||
mov r14, rax
|
||||
|
||||
|
||||
lea rcx, [rel s_UnityPlayer.dll]
|
||||
mov rax, r12 ; *GetModuleHandleA
|
||||
call rax ; rax = UnityPlayer.dll
|
||||
call r12 ; rax = UnityPlayer.dll
|
||||
|
||||
mov rcx, rax
|
||||
lea rdx, [rel s_UnityMain]
|
||||
mov rax, rdi ; *GetProcAddress
|
||||
call rax ; rax = *UnityMain
|
||||
call rdi ; rax = *UnityMain
|
||||
|
||||
mov rcx, r13 ; .exe base address
|
||||
mov rdx, 0 ; hPrevInstance - 0
|
||||
|
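Review bot: Every pointer returned by GetProcAddress is still called without a check, for example `call rdi ; rax = *LoadLibraryA` followed directly by `call rax ; LoadLibraryA(dllPath)`, so a failed lookup becomes a call through a null pointer at process start. A `test rax, rax` / `jz .fail` pair after each lookup, and after `call r12 ; rax = UnityPlayer.dll` whose result is passed on in `rcx`, would turn that into a controlled exit; `.fail` is a label the file would have to add. Since the commit is about size, `mov rcx, 0` and `mov rdx, 0` can also become `xor ecx, ecx` and `xor edx, edx`. The definition of `dllPath` is not visible here; if it is a relative path, LoadLibraryA resolves it through the DLL search order, which deserves a comment at its definition. main starts and ends outside these hunks.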
@ -2,8 +2,6 @@ BITS 64
|
||||
|
||||
main: ; Replacement entry point
|
||||
push rsi
|
||||
push rdi
|
||||
sub rsp, 8h
|
||||
|
||||
|
||||
call GetKernel32ModuleHandle
|
||||
@ -11,20 +9,16 @@ main: ; Replacement entry point
|
||||
|
||||
mov rcx, rax
|
||||
call GetAddressOf_GetProcAddress
|
||||
mov rdi, rax ; *GetProcAddress
|
||||
|
||||
|
||||
mov rcx, rsi ; kernel32.dll
|
||||
lea rdx, [rel s_LoadLibraryA]
|
||||
mov rax, rdi ; *GetProcAddress
|
||||
call rax ; rax = *LoadLibraryA
|
||||
|
||||
lea rcx, [rel dllPath]
|
||||
call rax ; LoadLibraryA(dllPath)
|
||||
|
||||
|
||||
add rsp, 8h
|
||||
pop rdi
|
||||
pop rsi
|
||||
ret
|
||||
|
||||
|
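Review bot: None of the stack setup shown for main reserves the 32 bytes of shadow space that the Microsoft x64 convention requires before `call rax ; LoadLibraryA(dllPath)` and the GetProcAddress call; the only adjustment visible is `sub rsp, 8h` next to the two pushes. A callee may write to those 32 bytes, which here would overlap the saved `rsi`/`rdi` and main's own return address. This page does not mark which prologue and epilogue lines survive the change, so check this against the new side: with both pushes kept the adjustment would be `sub rsp, 28h` / `add rsp, 28h`, and with a single push `sub rsp, 20h` / `add rsp, 20h`, so that `rsp` stays 16-byte aligned at each call. A header comment on main stating the ABI, the register roles (`rsi` = kernel32 base, `rdi` = GetProcAddress) and the stack layout would make later size optimizations safer to review.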