Debugging

Checking if remote shellcode copied matched buf variable

// Debugging 
[DllImport("kernel32.dll", SetLastError = true)]
static extern bool ReadProcessMemory(
    IntPtr hProcess,
    IntPtr lpBaseAddress,
    [Out] byte[] lpBuffer,
    int dwSize, 
    out IntPtr lpNumberOfBytesRead);

[DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
static extern int memcmp(byte[] b1, byte[] b2, UIntPtr count);
static bool CompareByteArray(byte[] b1, byte[] b2)
{
    return b1.Length == b2.Length && memcmp(b1, b2, (UIntPtr)b1.Length) == 0;
}
        
static void Main(string[] args)
{
    // Debugging check if the shellcode was copied successfully
    byte[] remoteMemory = new byte[bufLength];
    IntPtr bytesRead = new IntPtr();
    ReadProcessMemory(processHandleRemote, baseAddressRemote, remoteMemory, remoteMemory.Length, out bytesRead);
    if (!CompareByteArray(buf, remoteMemory))
    {
        Console.WriteLine("[!] ERROR shellcode bytes read from remotely mapped view do not match with local buf");
        return;
    }
}