rtcEnvironBstr Declare Help

Iniciado por SantaMorte, 8 Marzo 2012, 02:48 AM

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario

SantaMorte

8 Marzo 2012, 02:48 AM
Hi all ... i need some Help

Maybe Someone know the rtcEnvironBstr Export of MSVBVM60.dll

i need the Declare of rtcEnvironBstr export function

Thanks to anyone who help me :D

x64core

#1
8 Marzo 2012, 05:27 AM Ultima modificación: 8 Marzo 2012, 05:35 AM por RHL
Impossible, that function used the registry EBP plus a offset in the stack for the arguments, if u can make a shellcode then
see this:

Código [Seleccionar]
push edx
mov [ebp-60],ebx
mov [ebp-68],edi
mov [ebp-50],ebx
mov [ebp-58],edi
mov [ebp-40],ebx
mov [ebp-48],edi
mov [ebp-70],ecx
mov [ebp-78],4008
call  dword ptr ds:[<&MSVBVM60.#667>]

EDX = address to 0
EBX = value 80020004h
EDI = length for string
ECX = address for string

the values as 80020004,0,4008 i know not why is write :P

SantaMorte

#2
8 Marzo 2012, 17:09 PM
Thanks a lot ......

Karcrack

#3
9 Marzo 2012, 14:41 PM
Here is it:
Código (vb) [Seleccionar]
Option Explicit

Private Type environstruct
   k       As Long '8
   null    As Long '0
   envstr  As Long 'StrPtr(str)
End Type

'MSVBVM60
Private Declare Function rtcEnvironBstr Lib "MSVBVM60" (ByRef struct As environstruct) As String

Private Sub Form_Load()
   Dim es  As environstruct
   
   With es
       .k = 8
       .envstr = StrPtr("TMP")
   End With
   
   MsgBox StrConv(rtcEnvironBstr(es), vbFromUnicode)
End Sub
:P

@RHL: You need to improve your debugging skills >:D

(PGP ID)

SantaMorte

#4
9 Marzo 2012, 23:49 PM
Thanks A Lot ....

KarCrack Always the best :D
Imprimir
Ir Arriba Páginas1
Acciones del Usuario