I'm writing optimized Windows-based shellcode in C++, and I have a problem avoiding hardcoded addresses in C++ when passing one to a function.
e.g.:
DWORD WINAPI thread_callback(LPVOID lpParam); // forward declaration so the call below compiles

// My_CreateThread takes the same parameters as CreateThread; the start address
// is passed as a plain function pointer, which the compiler turns into an absolute address
My_CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&thread_callback, NULL, 0, NULL);

DWORD WINAPI thread_callback(LPVOID lpParam)
{
    // stuff..
    return 0;
}
In the disassembly it shows CreateThread(..., hardcoded_address, ...); instead, I want to pass this address as "from this location to thread_callback".
Is there any way to avoid it? (Because shellcode should be address independent.)
Regards.
Anyway, I was searching/doing some stuff, and the final thing I could come up with is that you can solve this with a delta offset.
Explanation: at the very first function of your code, there should be a function like this:
DWORD delta; // difference between where the code runs and where it was linked

// x86 (32-bit) MSVC inline assembly; __asm is not available in the x64 compiler
__asm {
    call GetBasePointer             ; pushes the runtime address of GetBasePointer
GetBasePointer:
    pop eax                         ; eax = runtime address of GetBasePointer
    sub eax, offset GetBasePointer  ; minus its link-time address
    mov [delta], eax                ; delta = runtime address - link-time address
}
You can also Google "delta offset" for more details. Afterwards, you can do something like this:
DWORD WINAPI thread_callback(LPVOID lpParam); // forward declaration so the call below compiles

// link-time address of thread_callback plus delta = its address in the running copy
My_CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)((DWORD)thread_callback + (DWORD)delta), NULL, 0, NULL);

DWORD WINAPI thread_callback(LPVOID lpParam)
{
    // stuff..
    return 0;
}
and it will work fine.
Regards.
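Added example (not code from the post above): a portable C model of the delta-offset fixup the answer describes. A struct stands in for the code blob; it is memcpy'd to a second location the way a loader copies bytes without relocating them, and the two ways of reaching thread_callback are compared: the absolute pointer the compiler emits keeps pointing at the original copy, while link-time address plus delta (equivalently, base plus offset) lands in the running copy. blob_t, link_copy, run_copy and the function names are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a code blob: two 16-byte "functions" plus the two
 * ways the blob can refer to its callback. */
typedef struct {
    uint8_t   entry[16];     /* the code at the start of the blob            */
    uint8_t   callback[16];  /* the body of thread_callback                  */
    uintptr_t callback_abs;  /* absolute address, as the compiler emits it   */
    ptrdiff_t callback_rel;  /* offset from the blob start (address-independent) */
} blob_t;

static blob_t link_copy;  /* where the blob was "linked"                  */
static blob_t run_copy;   /* where a loader dropped an unrelocated copy   */

/* Same value the call/pop sequence computes: runtime base minus link base. */
static ptrdiff_t compute_delta(const void *link_base, const void *run_base) {
    return (const uint8_t *)run_base - (const uint8_t *)link_base;
}

/* Same arithmetic as (DWORD)thread_callback + (DWORD)delta. */
static const void *relocate(uintptr_t link_addr, ptrdiff_t delta) {
    return (const void *)(link_addr + delta);
}

/* Returns 1 if the delta-fixed pointer lands in the running copy while the
 * hardcoded absolute pointer still points at the original, otherwise 0. */
int delta_offset_demo(void) {
    memset(&link_copy, 0, sizeof link_copy);
    link_copy.callback_abs = (uintptr_t)link_copy.callback;
    link_copy.callback_rel = link_copy.callback - (uint8_t *)&link_copy;

    /* A loader copies the bytes elsewhere; nothing inside them is patched. */
    memcpy(&run_copy, &link_copy, sizeof run_copy);

    ptrdiff_t delta = compute_delta(&link_copy, &run_copy);
    const void *fixed    = relocate(run_copy.callback_abs, delta);
    const void *from_rel = (uint8_t *)&run_copy + run_copy.callback_rel;

    int stale = (const void *)run_copy.callback_abs == (const void *)link_copy.callback;
    int ok    = fixed == (const void *)run_copy.callback && from_rel == fixed;
    return stale && ok;
}

int main(void) {
    printf("absolute pointer stale, delta-fixed pointer correct: %d\n", delta_offset_demo());
    return 0;
}
```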