Interpreting a shellcode

779 views Asked by At

I am calling a shellcode using buffer overflow to spawn a root shell. Can somebody explain what this shellcode exactly does? I have tried different shellcodes to spawn a root shell, but this was the only one which worked for me.

\x31\xdb\x89\xd8\xb0\x17\xcd\x80\x31\xdb
\x89\xd8\xb0\x2e\xcd\x80\x31\xc0\x50\x68
\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89
\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd
\x80
1

There are 1 answers

0
Medinoc On

On first glance, the code appears to do setuid(0), then setgid(0), then call sys_execve() on some values (which include ASCII codes for "/bin//sh").

Looks like this is pure "payload" code, since I don't see anything to ensure the code is executed on the first place (buffer overflow, stack smashing, etc.).

(Thanks to @Hans Lub for the disassembler link)