Inline ASM in C#

Question

does anyone have an idea about how can i convert the following C inline ASM to a valid C# format? Thanks in advance.

DWORD WINAPI RemoteExecPayloadStub(LPVOID lpParameter) {
__asm {
    mov eax, [lpParameter]
    call eax
    push 0
    call ExitThread
}
return 0;

}

EDIT

Tried to convert the ASM to bytecodes like so (below) and use it from a byte array but doesn't seem to work as expected. Thanks.

    0:  a1 00 00 00 00          mov    eax,ds:0x0
5:  ff d0                   call   eax
7:  6a 00                   push   0x0
9:  e8 fc ff ff ff          call   a <_main+0xa>

Nothing to try here actually... You can't invoke ASM from C#. Some workarounds, like compiling c/c++ containing the asm code into library and calling from C# could work. — Eugene Sh., Dec 16 '14 at 18:40
@EugeneSh. do you think there is a way arround this problem without having an extra DLL? — SlothGR, Dec 16 '14 at 18:44
NO, you know the compiled c# code runs under a VM rite, so standard assembly wont work — Steve, Dec 16 '14 at 18:45
@EugeneSh. "nobody told him it was impossible so he did it" ... come on guys, just read the duplicate question! — Jester, Dec 16 '14 at 18:45
In every possible way? It can be done quite simply. Especially this code which only invokes a function pointer. `Marshal.GetDelegateForFunctionPointer` is pretty much a drop-in replacement for this. — Jester, Dec 16 '14 at 18:47
@Jester So, write a function in C, embed asm code in it, wrap into a library and call it from C#? And what did I say? — Eugene Sh., Dec 16 '14 at 18:48
@Jester So you are talking about invoking this specific `ExitThread` function, not asm code in general? — Eugene Sh., Dec 16 '14 at 18:51
@EugeneSh. yes, i am talking about this function only! Not in general! The ExitThread above! — SlothGR, Dec 16 '14 at 18:52

Jester · Accepted Answer · 2014-12-16T19:03:49.143

Since people seem totally confused, I'll answer this here even though it is a duplicate.

The given code does nothing else but invoke a function pointer, and then exit the thread. As such the equivalent C# code could be:

delegate void FuncPtr();
static void RemoteExecPayloadStub(IntPtr lpParameter)
{
    FuncPtr ptr = Marshal.GetDelegateForFunctionPointer<FuncPtr>(lpParameter);
    ptr();
}

As for the ExitThread you can use Thread.CurrentThread.Abort() or pinvoke the winapi function (not recommended).

Executing arbitrary machine code isn't much more difficult either. Put your stuff into a byte array, allocate executable memory using appropriate pinvoke calls, copy your code there and then use the above method to execute it.

Inline ASM in C#

1 Answers1