How to use the qiling.loader.pe.Shellcode function in qiling

To help you get started, we’ve selected a few qiling examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github qilingframework / qiling / qiling / os / windows / x86.py View on Github external
uc = Uc(UC_ARCH_X86, UC_MODE_32)
    ql.uc = uc

    # MAPPED Vars for loadPE32
    if (ql.stack_address == 0):
        ql.stack_address = QL_X86_WINDOWS_STACK_ADDRESS
    if (ql.stack_size == 0): 
        ql.stack_size = QL_X86_WINDOWS_STACK_SIZE

    ql.code_address = 0x40000
    ql.code_size = 10 * 1024 * 1024

    setup_windows32(ql)

    # load shellcode
    ql.PE = Shellcode(ql, [b"ntdll.dll", b"kernel32.dll", b"user32.dll"])
    ql.PE.load()

    # hook win api
    ql.hook_code(hook_winapi)
github qilingframework / qiling / qiling / os / windows / x8664.py View on Github external
uc = Uc(UC_ARCH_X86, UC_MODE_64)
    ql.uc = uc

    # init ql pe
    if (ql.stack_address == 0): 
        ql.stack_address = QL_X8664_WINDOWS_STACK_ADDRESS
    if (ql.stack_size == 0):
        ql.stack_size = QL_X8664_WINDOWS_STACK_SIZE

    ql.code_address = 0x140000000
    ql.code_size = 10 * 1024 * 1024

    windows_setup64(ql)

    # load shellcode
    ql.PE = Shellcode(ql, [b"ntdll.dll", b"kernel32.dll", b"user32.dll"])
    ql.PE.load()

    # hook win api
    ql.hook_code(hook_winapi)