HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

AutoIT AsmThread func.

Status
Not open for further replies.
D

DDoSer

The Real DDoSer
User
Joined
Oct 9, 2013
Messages
352
Reputation
0
Reaction score
4,578
Points
243
Credits
0
‎11 Years of Service‎
51%
[HIDE-THANKS]Another variation on the theme of threads. A simple concept, all the features are not disclosed. There is opportunity to receive results.

Code: 
>;sModule - Module name
;sRetType - Return type( 4 BYTE, like dword, ptr32, int ... )
;sFunc - Function name
;ArgN - Argument( 4 BYTE )
; -----
;Return:
;$tRet.Id - InternalThreadId ( ___THREADi )
;$tRet.Thread - hThread
;$tRet.Mem - pAllocatedVirtualMemory
;$tRet.Ptr - Ptr to tRet
;$tRet.Return - Return value
Func _AsmThread( $sModule, $sRetType, $sFunc, $Arg1 = 0, $Arg2 = 0, $Arg3 = 0, $Arg4 = 0, $Arg5 = 0, $Arg6 = 0 )
   Local $Idx, $hModule, $pFunc, $tRet, $pMem, $aRes, _
       $tOpCode, $iOpCode_sz, $vOpCode = "0x", _
       $aArgs[6] = [ $Arg1, $Arg2, $Arg3, $Arg4, $Arg5, $Arg6 ]
   ; *
   ReDim $aArgs[@NumParams-2]
   ; ---
   $tRet = DllStructCreate( $sRetType & " Return; ptr Ptr; ptr Mem; handle Thread; ulong Id" )
       $tRet.Ptr = DllStructGetPtr( $tRet )

   For $Idx = 0 To @NumParams - 4 Step 1
       $vOpCode &= "68" & _AsmSwap( $aArgs[$Idx] ) ;PUSH Arg
   Next
   Do
       $hModule = _WinAPI_GetModuleHandle( $sModule )
       If Not $hModule Then ExitLoop

       $pFunc =  _WinAPI_GetProcAddress( $hModule, $sFunc )
       If Not $pFunc Then ExitLoop
       ; -
       $vOpCode &= _
           "B8" & _AsmSwap( $pFunc ) & _       ;MOV EAX,pFunc
           "FFD0" & _                          ;CALL EAX
           "A3" & _AsmSwap( $tRet.Ptr ) & _    ;MOV DWORD PTR[pRet],EAX
           "C3"                                ;RET

       $vOpCode = Binary( $vOpCode )
       $iOpCode_sz = BinaryLen( $vOpCode )
       ; -
       $pMem = _MemVirtualAlloc( 0, $iOpCode_sz, $MEM_COMMIT, $PAGE_EXECUTE_READWRITE )
       If Not $pMem Then ExitLoop

       $tOpCode = DllStructCreate( "byte OpCode[" & $iOpCode_sz & "]", $pMem )
       $tOpCode.OpCode = $vOpCode

       $aRes = DllCall( 'kernel32.dll', 'ptr', 'CreateThread', 'ptr', 0, 'dword_ptr', 0, 'ptr', $pMem, 'ptr', 0, 'dword', 0, 'dword*', 0)
       If @Error Or Not $aRes[0] Then ExitLoop

       ; - < Anti-crash region ( save allocated memory for struct's )
       $Idx = 0
       While IsDeclared( "___THREAD" & $Idx )
           $Idx += 1
       WEnd
       Assign( "___THREAD" & $Idx, $tRet, 2 )

       $tRet.Mem = $pMem
       $tRet.Thread = $aRes[0]
       $tRet.Id = $Idx

       Sleep( 10 )
       Return $tRet
   Until True
   ; ---
   Return 0
EndFunc

Func _AsmSwap( $vData )
   Return Hex( Binary( $vData ) )
EndFunc
[/HIDE-THANKS]

 
Status
Not open for further replies.
Back
Top