Shellcode 1.0
(VirTool.Win32.EggTest)

by Delikon

Released in october 2002

Made in Germany

more versions


Introdution:

This programm based mainly on kungfoo a genetic win32 shellcode
generator.

The idea of my generator is, to generate a genetic shellcode with one
click.
i have made a few test, but mainly it is untested. Test it and write
me your impressions.

at default it generates a shellcode which download a file called
klein.exe, first is it was a trojan called asylum
but no it is a proggy which opens a msgbox. 

The Use:

the shellcodegenerator get the kernelbase address automaticlly(if you
use the shellcode on another 
machine you need another kernel base 
       
            some kernel base addresses:
	Win95 (3rd release?)		- 0xBFF70000
	Win98 (1st and 2nd editions) 	- 0xBFF70000
	WinME 				- 0xBFF60000
	WinNT4 (service pack 4 and 5)	- 0x77F00000
	my win2k 			- 0x77E70000
)				

the next step is to fill out the downloadpage and the name of the
downloaded file on the 
taget machine.

Attention-> don't use a big download file, only small trojans like
asylum, or bat-files
 
click the "Make Shellcode" button and 3 files will appear the  

asm.txt              (the asm sourcecode) 
the asm.s            (compiled sourcecode) 
and the shellcode.c  (the file where the hex-shellcode is in).

If you click "test shellcode" the command "execute asm.s" will start
to test the code.
But if you want to test the real shellcode, compile shellcode.c with
borland or cl.

Attention -> NEVER REMOVE THE GEN.TXT!!!!!!!! The Generator will not
work without it.
if you want down load files which are bigger than 999kb change this
line in gen.txt

BUFFERSIZE	EQU	999999		; size of mem alloced for downloaded file in bytes

Delikon



MegaSecurity