.: Shellcode 2.0 :.
Released 18 years, 6 months ago. Apr 2003By Delikon
- From: Germany
- Coded by: Delikon
- Version: Shellcode 2.0
- Released date: Apr 2003, 18 years, 6 months ago.
- Family: Shellcode
- Category: Remote Access
Introdution: The idea of my generator is, to generate a genetic shellcode with one click. i have made a few test, but mainly it is untested. At default it generates a shellcode which downloads a file called klein.exe, it is a proggy which opens a msgbox. The Use: the shellcodegenerator get the kernelbase address automaticlly(if you use the shellcode on another machine you need another kernel base some kernel base addresses: Win95 (3rd release?) - 0xBFF70000 Win98 (1st and 2nd editions) - 0xBFF70000 WinME - 0xBFF60000 WinNT4 (service pack 4 and 5) - 0x77F00000 my win2k - 0x77E70000 ) the next step is to fill out the downloadpage and the name of the downloaded file on the taget machine. Attention-> don't use a big download file, only small trojans like asylum, or bat-files (or pack it with UPX) click the "Make Shellcode" button and files will appear the 1.asm (the asm sourcecode) 1.s (compiled sourcecode) 2.asm (the asm decryption routine) 2.s (the compiled asm decryption routine) and the shellcode.c (the file where the hex-shellcode is in). If you click "test shellcode" the command "execute 2.s" will start to test the code. But if you want to test the real shellcode, compile shellcode.c with borland or cl. Changes from v1.0 to v2.0: - - -added a xor-encoding to avoid NULLS BUGS: I have test many different xor-values but only 0x99 works well. Delikon
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at email@example.com, thank you in advance.