Here is a small shellcode that calls WinExec() and then an exit routine (the second call, presumably ExitProcess) to launch notepad. As you can see it is not injectable as-is: the two API addresses are hard-coded for one kernel32.dll build, the string is addressed through ebp so it needs a normal stack frame, and the `mov byte ptr [ebp-1],0` terminator puts a 0x00 byte into the instruction stream. Tested on Windows XP SP2, compiled with VC++.
Code:
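/*
 * Launch notepad via kernel32!WinExec, then terminate the process.
 *
 * The inline asm builds "notepad\0" in an 8-byte stack buffer at [ebp-8],
 * calls WinExec(cmd, 5 /* SW_SHOW */), then calls a second kernel32 export
 * (presumably ExitProcess) with exit code 1. Neither epilogue nor `ret` is
 * emitted because the second call is expected never to return.
 *
 * Why this is NOT injectable as-is (security notes for anyone reusing it):
 *  - The two call targets are absolute addresses taken from the kernel32.dll
 *    build this was tested on (XP SP2; both values sit above the usual
 *    0x7c800000 image base). Any other build, language pack or service pack,
 *    and every ASLR-enabled Windows, relocates them and `call eax` jumps into
 *    garbage. Recompute with depends.exe: kernel32 image base + export RVA.
 *    Real position-independent shellcode resolves the exports at run time
 *    instead of hard-coding them.
 *  - `mov byte ptr [ebp-1],0` encodes its immediate as a 0x00 byte, so the
 *    blob cannot be delivered through any C-string copy (strcpy/sprintf/...).
 *  - The command string is addressed relative to ebp, so the code only works
 *    from inside a valid ebp-based frame.
 *
 * Bug fixed here: the original version wrote the 8-byte string to
 * [ebp-8..ebp-1] without reserving stack space, so it overwrote the saved
 * ebx/esi slots that the pushes placed just below ebp. `sub esp,8` now
 * reserves the buffer before the callee-saved registers are pushed.
 * (Harmless only because ExitProcess never returns; wrong otherwise.)
 */
int main()
{
_asm{
push ebp
mov ebp,esp
sub esp,8                   // reserve [ebp-8..ebp-1] for "notepad\0"
push ebx                    // callee-saved registers now live below the buffer
push esi
push edi
mov byte ptr [ebp-8],6Eh    // 'n'
mov byte ptr [ebp-7],6Fh    // 'o'
mov byte ptr [ebp-6],74h    // 't'
mov byte ptr [ebp-5],65h    // 'e'
mov byte ptr [ebp-4],70h    // 'p'
mov byte ptr [ebp-3],61h    // 'a'
mov byte ptr [ebp-2],64h    // 'd'
mov byte ptr [ebp-1],0      // NUL terminator -> emits a 0x00 byte in the opcode stream
push 5                      // uCmdShow = SW_SHOW
lea eax,[ebp-8]
push eax                    // lpCmdLine = "notepad"
mov eax,0x7c86136d          // kernel32!WinExec on the XP SP2 build this was tested on
call eax                    // stdcall: the callee removes both arguments
push 1                      // uExitCode = 1
mov eax,0x7c81cdda          // presumably kernel32!ExitProcess, same build -- confirm with depends.exe
call eax                    // expected never to return
// The two addresses above are build-specific. Recompute them with the
// Microsoft SDK tool depends.exe: kernel32.dll image base + the export's RVA.
}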
}

Here is the same technique, this time spawning a cmd shell:
Code:
//author fl0 fl0w
/*
 * Spawn "cmd" via kernel32!WinExec, then terminate the process.
 *
 * Layout: ebp-based frame with 0x44 bytes of locals, callee-saved registers
 * pushed below them. The locals are filled with the VC++ debug pattern 0xCC
 * (nothing reads that back), then "cmd\0" is placed at [ebp-4] and passed to
 * WinExec with uCmdShow = 5 (SW_SHOW). The second call, presumably
 * ExitProcess, is expected never to return, so no epilogue is emitted.
 *
 * Same caveats as the notepad version: both API addresses are hard-coded
 * for the XP SP2 kernel32.dll this was built against (recompute with
 * depends.exe as image base + export RVA), the command buffer is addressed
 * through ebp, and the string's NUL terminator ends up as a 0x00 byte in the
 * code, so this blob is not usable through strcpy-style injection.
 */
void main(){
_asm{
push ebp
mov ebp,esp
sub esp,44h                 // 0x44 bytes of locals
push ebx                    // callee-saved
push esi
push edi
mov eax,0CCCCCCCCh          // debug fill pattern
mov ecx,17                  // 17 dwords = 0x44 bytes
lea edi,[ebp-44h]
rep stos dword ptr [edi]    // fill [ebp-44h..ebp) with 0xCC
// "cmd\0" as one little-endian dword: 'c'=63h 'm'=6Dh 'd'=64h, then 00h
mov dword ptr [ebp-4],00646D63h
lea eax,[ebp-4]
push 5                      // uCmdShow = SW_SHOW
push eax                    // lpCmdLine = "cmd"
mov eax,7c86136dh           // kernel32!WinExec, XP SP2 build only
call eax
push 1                      // uExitCode = 1
mov eax,7c81cddah           // presumably kernel32!ExitProcess, same build
call eax
}}

By the way, who here is most experienced with stack overflows? I'm running into some problems and hope someone can help me.