win32 IsDebuggerPresent ShellCode (NT/XP) 39 bytes(页 1) - 安全测试代码{ Exploits and Shellcode } - 毒箭羽翼[ Shellcodez Query ] - 邪恶八进制信息安全团队技术讨论组努力为祖国的信息安全撑起一片蓝天

ring04h 2007-6-12 01:10

win32 IsDebuggerPresent ShellCode (NT/XP) 39 bytes

[code]/* Shellcode Length: 39 bytes */
/* sets PEB->BeingDebugged to 0 */
/* IsDebuggerPresent()/BeingDebugged bypass */
/* by ex-pb @ [email]screw_you@web.de[/email] */
/* greets: xgx and all i forgot */

#include <stdio.h>
#include <windows.h>

char ShellCode[] = "\xEB"
"\x0F\x58\x80\x30\x95\x40\x81\x38\x68\x61\x63\x6B\x75\xF4\xEB\x05\xE8\xEC\xFF\xFF"
"\xFF\xF1\x34\xA5\x95\x95\x95\xAB\x53\xD5\x97\x95\x56\x68\x61\x63\x6B\xCD";

int main()
{
printf("Shellcode length: %d\n", strlen(ShellCode));
return 0;
}

[/code]

页: [1]

邪恶八进制信息安全团队技术讨论组's Archiver

win32 IsDebuggerPresent ShellCode (NT/XP) 39 bytes