This shellcode has been designed to format all the available drives on Windows.
2013d9439ea93209ab6918798d518fa11e0aa3e42559d54e0f47d7a1eff296fe
155 bytes small Linux/x86 shellcode that has an MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded, this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.
d72edd6daaf006feaf82398a3b67d4281ff9258ee56eeaedca56c7d0ab3e4980
107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.
e9483cceb2d45bc3e4c29c88655dc4a6e6bcedc432d98e81e5ab936189311836
This shellcode uses CreateFile and tries to read a nonexistent network path. You can use tools such as Responder to capture NetNTLM hashes. The shellcode can be modified to steal hashes over the internet. SMBRelay attacks can also be performed.
2491b63c867c622c3989731692259fbf0c1e25e9f5dc567cec8b45443580d9f2
This shellcode appends your code to the end of the files it finds. Your code is added only to .html and .php files. The file search is carried out recursively.
8c618ade2e8e0d28c057139097aaa69a682f6fa5ffedd4dac01f8f3adfba7245
This shellcode downloads and executes a file via a reverse DNS channel.
137d4935c5dba1bc9303b67ee85506910151f930ad28d4a31438dd485aafed4b
This shellcode is an egg hunter checksum routine.
fee040ab77ec20438f18cdd7bb579cf821c42ad1bdd3604706b762910166ec3b
This shellcode creates an XP firewall rule to allow TCP traffic on port 445.
14707ba4c824ba767bf2f82c4923851e0a0d2118c5edf7ea3f5705c2de5cf5d8
This shellcode attempts to delete the Zone.Identifier ADS and then runs the file using the ShellExecuteA function.
7c5c86d8a1260728dd1fb1099f979199962e2487372f6851fa49aa70d4606fca
This shellcode disables shadowing on Linux, sending all passwords to /etc/passwd.
efc0efd9feadbafc48fa0b35a0aa5538a00d019eb428a3387ae2c12b99c3f28b
ASCII Art / shellcode hybrid called "Julia". This shellcode was created using Ars Ex Machina Coda. The shellcode will only work when it is run in writable and executable memory and if ECX points to the base address of the shellcode.
89cdfca38f956e1128ed018784978d1e02fff9f7c01ce163ba847b1d3b640bc1
This shellcode sets the system time to 0 (00:00:00 GMT Jan 1, 1970) and exits in 12 bytes for Linux/x86.
671894154a3f23262ce22704ba3555cc5472af0a6360c70f0489e3ecc1686d9f
This shellcode does an execve("ipchains -F") in 40 bytes for Linux/x86.
a46a03162b60f010c529dc4e669324ea009a92d1ddfa441f3bf320a0738a8b3b
This shellcode does an execve("ipchains -F") in 41 bytes for Linux/x86.
e742f9afc4b4c28d5ccc45d6e151176a73545cd305be09731907f104d0d080c3
This shellcode adds a new root-equivalent user "r00t" with no password to /etc/passwd in 69 bytes for Linux/x86.
8922a4e770170ee0f5b528e7d6a7ac05789b5ac4acc3ca9b18b398f084d27581
This shellcode sets the system time to 0 (00:00:00 GMT Jan 1, 1970) and exits in 15 bytes for Linux/x86.
10104469e5a80af14384e1151e756a992eaf452dc10f9054491bd6a209bbcc25
This shellcode allows you to download an ELF executable straight off a standard HTTP server and launch it. It will be saved locally to a file called 'A' in the current directory. Linux/x86, 111 bytes.
4a909ca87606bf57f755b2c8322fb4fa6ee45728619e7f9d3db8fc7ea441cce8
Linux x86 shellcode that does an execve of /bin/sh. This shellcode contains no slashes so it can bypass certain application filters and was originally written for a snes9x buffer overflow.
4ef2d0f1cd24777b5709b44238b964e296e95e992d81fd668b2dcd7eb70e8405
63 byte connect-read-execve for Linux/x86. This shellcode connects back and asks you for code to execute.
92eee9f754961c5729bb81fd22c2deff270d912773a857cf9b7eb698cbb63222
This shellcode creates a connection to a host/port and starts a shell. This should be more anti-IDS than the others and it can go through a firewall.
d50e538d758dd930f5ec6b120b1229f2cdae67049c11ce1d22075a1a803c46f2