13 lines
No EOL
716 B
Text
13 lines
No EOL
716 B
Text
A null-free shellcode for 32-bit versions of Windows 5.0-7.0 all service packs that uses Microsoft Speech API to say "You got pwned!" over the speakers. Includes optional code that fixes stack alignment (adds 5 bytes) and bypasses EAF (adds 29 bytes).
|
|
|
|
Features:
|
|
|
|
NULL Free
|
|
Windows version and service pack independant.
|
|
No assumptions are made about the values of registers.
|
|
"/3GB" compatible: pointers are not assume to be smaller than 0x80000000.
|
|
DEP/ASLR compatible: data is not executed, code is not modified.
|
|
Windows 7 compatible: kernel32 is found based on the length of its name
|
|
|
|
Download:
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15879.zip (w32-speaking-shellcode.zip) |