re: Tiny Windows 2000 Reverse Connect

H D Moore
Monday, October 06, 2003

I managed to get a null-free version right around 200 bytes, but any really small XOR encoder will work as well. This technique, dubbed 'Vampiric Imports', is implemented in the following code:
- http://metasploit.com/sc/win2000_vampiric_connector.asm

Very nice. I reckon you could make it even smaller quite easily though; surely in most cases, any program that you send an overflow to down a socket will already have called WSAStartup for you, and you could just omit that part of the code?