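#include <stdio.h> /* header name was lost from the page; stdio.h assumed, nothing below depends on it */

/*
 * write(1,"radare rocks!"); + _exit() works on Solaris 2.6 --srm
 *
 * SPARC (big-endian) machine code kept as a byte string. It builds a
 * 16-byte buffer just below %sp from four 32-bit words, passes it to the
 * write system call on descriptor 1, then calls exit with status 0.
 * Decoding the four sethi/or pairs gives "rada" "re r" "ocks" "!!\0\n",
 * so the 16 bytes written are "radare rocks!!", a NUL and a newline.
 *
 * The array is deliberately neither const nor resized: the harness in
 * main() jumps to its first byte, so the bytes must stay exactly as given.
 */
static char rocks[] =
    "\x82\x10\x20\x04"  // mov   4, %g1                  ! syscall number: write
    "\x90\x10\x20\x01"  // mov   1, %o0                  ! arg 0: descriptor 1
    "\x21\x1c\x98\x59"  // sethi %hi(0x72616400), %l0
    "\xa0\x14\x20\x61"  // or    %l0, 0x61, %l0          ! 0x72616461 "rada"
    "\x23\x1c\x99\x48"  // sethi %hi(0x72652000), %l1
    "\xa2\x14\x60\x72"  // or    %l1, 0x72, %l1          ! 0x72652072 "re r"
    "\x25\x1b\xd8\xda"  // sethi %hi(0x6f636800), %l2
    "\xa4\x14\xa3\x73"  // or    %l2, 0x373, %l2         ! 0x6f636b73 "ocks"
    "\x27\x08\x48\x40"  // sethi %hi(0x21210000), %l3
    /* The original listing showed the immediate below as
     * _PROCEDURE_LINKAGE_TABLE_ and the result as 0x21210000. The encoded
     * immediate is 0x0a (the disassembler symbolised it), so the register
     * ends up holding 0x2121000a. */
    "\xa6\x14\xe0\x0a"  // or    %l3, 0x0a, %l3          ! 0x2121000a "!!\0\n"
    "\x92\x23\xa0\x10"  // sub   %sp, 16, %o1            ! arg 1: buffer address
    "\xe0\x3b\xbf\xf0"  // std   %l0, [%sp - 16]         ! store %l0:%l1
    "\xe4\x3b\xbf\xf8"  // std   %l2, [%sp - 8]          ! store %l2:%l3
    "\x94\x10\x20\x10"  // mov   16, %o2                 ! arg 2: length
    "\x91\xd0\x20\x08"  // ta    0x8                     ! system call trap
    "\x82\x10\x20\x01"  // mov   1, %g1                  ! syscall number: exit
    "\x90\x10\x20\x00"  // clr   %o0                     ! exit status 0
    "\x91\xd0\x20\x08"; // ta    0x8                     ! system call trap

/*
 * Test harness: treat rocks[] as a function and call it.
 *
 * rocks[] lives in the writable data segment, so this only works where data
 * pages are executable, as on the Solaris 2.6 / SPARC target named above.
 * A platform that enforces non-executable data (NX, W^X) faults on the first
 * instruction; that fault is the mitigation doing its job, and it is the
 * control this style of harness shows the need for. ISO C also does not
 * define converting an object pointer to a function pointer; the cast relies
 * on the platform treating the two alike.
 */
int main(void)
{
    /* entry is a function pointer aimed at the first byte of rocks[] */
    void (*entry)(void) = (void (*)(void))rocks;

    /* run the bytes as a function */
    entry();

    /* not reached when the payload runs to completion: it ends in exit(0) */
    return 0;
}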