我开发了一个小型解密和执行应用程序,但我被困在执行部分。我使用以下方法成功执行 .NET 程序集:
Assembly asm = Assembly.Load(decryptedBytes);
if (asm.EntryPoint == null)
throw new ApplicationException("No entry point found!");
MethodInfo ePoint = asm.EntryPoint;
object ins = asm.CreateInstance(ePoint.Name);
ePoint.Invoke(ins, null);
但是当我尝试使用这篇文章分配一个可执行区域时,应用程序崩溃了
我得到的唯一有用的信息是:
Fault Module Name: StackHash_0a9e
这是我的代码:
const uint PAGE_EXECUTE_READWRITE = 0x40;
const uint MEM_COMMIT = 0x1000;
[DllImport("kernel32.dll", SetLastError = true)]
static extern IntPtr VirtualAlloc(IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
private delegate int IntReturner();
IntPtr buf = VirtualAlloc(IntPtr.Zero, (uint)decryptedBytes.Length, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
Marshal.Copy(decryptedBytes, 0, buf, decryptedBytes.Length);
IntReturner ptr = (IntReturner)Marshal.GetDelegateForFunctionPointer(buf, typeof(IntReturner));
Console.WriteLine(ptr());