Cok onceden kullandigim, kaybolmus bir USB diskin icerisinde, 2015 yilinda yazdigim ornek bir bytecode buldum ve biraz duzenleyip sizinle paylasmak istedim. Madem bir kez paylastik, devami gelmesi kacinilmazdir.
Kod:
[COLOR=White][B]/*[/B][/COLOR]
[COLOR=White][B] * ::Ex. Stdout Shellcode[/B][/COLOR]
[COLOR=White][B] * __author__: xd3[/B][/COLOR]
[COLOR=White][B] * __date__: 15/4/17[/B][/COLOR]
[COLOR=White][B] * __format__: x86 ELF[/B][/COLOR]
[COLOR=White][B] * __platform__: x86 Linux[/B][/COLOR]
[COLOR=White][B] * [/B][/COLOR]
[COLOR=White][B] */[/B][/COLOR]
[COLOR=White][B] /*[/B][/COLOR]
[COLOR=White][B] * $ sudo gcc -fno-stack-protector -z execstack xd3.c -o xd3[/B][/COLOR]
[COLOR=White][B] * $ ./xd3[/B][/COLOR]
[COLOR=White][B] * [~] Byte-Code Len: 70[/B][/COLOR]
[COLOR=White][B] * h3ll0, n00b![/B][/COLOR]
[COLOR=White][B] * $[/B][/COLOR]
[COLOR=White][B] */[/B][/COLOR]
[COLOR=White][B]#include <stdio.h>[/B][/COLOR]
[COLOR=White][B]#include <string.h>[/B][/COLOR]
[COLOR=White][B]const unsigned char xd3[] = \[/B][/COLOR]
[COLOR=White][B]"\x68\xb1\xf2\xd9"[/B][/COLOR]
[COLOR=White][B]"\xde\x68\xf3\xbd"[/B][/COLOR]
[COLOR=White][B]"\xe3\xe3\x68\xbf"[/B][/COLOR]
[COLOR=White][B]"\xbf\xe3\xff\x68"[/B][/COLOR]
[COLOR=White][B]"\x2c\x2c\xbb\xe0"[/B][/COLOR]
[COLOR=White][B]"\x68\x53\x3b\x3b"[/B][/COLOR]
[COLOR=White][B]"\x2c\x68\x63\xd2"[/B][/COLOR]
[COLOR=White][B]"\x98\x1e\x68\x61"[/B][/COLOR]
[COLOR=White][B]"\xdd\x1e\x53\x68"[/B][/COLOR]
[COLOR=White][B]"\x08\x90\xe2\x01"[/B][/COLOR]
[COLOR=White][B]"\x68\x13\x63\xd7"[/B][/COLOR]
[COLOR=White][B]"\xe2\x68\x38\xc0"[/B][/COLOR]
[COLOR=White][B]"\x8a\xe2\x89\xe6"[/B][/COLOR]
[COLOR=White][B]"\x31\xc9\xb1\x0a"[/B][/COLOR]
[COLOR=White][B]"\xba\xd3\xd3\xd3"[/B][/COLOR]
[COLOR=White][B]"\xd3\x31\x16\x83"[/B][/COLOR]
[COLOR=White][B]"\xc6\x04\xe2\xf9"[/B][/COLOR]
[COLOR=White][B]"\xff\xe4";[/B][/COLOR]
[COLOR=White][B]int main(){ [/B][/COLOR]
[COLOR=White][B] printf("[~] Byte-Code Len: %d\n", strlen(xd3));[/B][/COLOR]
[COLOR=White][B] int (*sh3llc0de)();[/B][/COLOR]
[COLOR=White][B] sh3llc0de = (int (*)()) xd3;[/B][/COLOR]
[COLOR=White][B] (int)(*sh3llc0de)();[/B][/COLOR]
[COLOR=White][B]}[/B][/COLOR]