{"type":"rich","width":"100%","version":"1.0","url":"https://kakyouim.hatenablog.com/entry/2020/06/15/132936","author_name":"kakyouim","author_url":"https://blog.hatena.ne.jp/kakyouim/","image_url":"https://cdn.blog.st-hatena.com/images/theme/og-image-1500.png","height":"190","published":"2020-06-15 13:29:36","blog_title":"\u9ad8\u6797\u306e\u96d1\u8a18\u30d6\u30ed\u30b0","provider_name":"Hatena Blog","title":"Tracing the decode behavior of a payload created with msfvenom","provider_url":"https://hatena.blog","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fkakyouim.hatenablog.com%2Fentry%2F2020%2F06%2F15%2F132936\" title=\"Tracing the decode behavior of a payload created with msfvenom - \u9ad8\u6797\u306e\u96d1\u8a18\u30d6\u30ed\u30b0\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","categories":[],"description":"Overview How decoding of an encoded payload works Preparation Just before payload execution The decoding part After executing FLD ST(1) After executing FSTENV (28-BYTE) PTR SS:[ESP-C] After executing MOV ESI,BB356FCF After executing POP EAX After executing XOR ECX,ECX After executing MOV CL,52 After executing XOR DWORD PTR DS:[EAX+17],ESI After executing ADD ESI,DWORD PTR DS:[EAX+17] After executing ADD EAX,4 After executing LOOPD SHORT 0x71FCFB After 0x52 loop iterations (after fully decoding\u2026","blog_url":"https://kakyouim.hatenablog.com/"}