2009-03-17 00:06:53
By Tim Brown
There are many people who know more about the black arts of low-level exploitation than I do. Fact. Shellcode isn't that novel, and with only 30 or 40 bytes to play with, chances are high that someone else will have done it first. Fact. However, in the spirit of learning, I proudly present my first working(?) shellcode. It's a small chunk of AT&T-style assembly for the x86_64 architecture running GNU/Linux which first calls setuid(0) and then execve("/bin/sh"), for use in local exploits. I've attempted to document each and every line of code, so maybe it will be of some use to others who are yet to embark on this journey.
Update: I've just checked milw0rm and there is only 1 other piece of shellcode for this platform, so maybe this isn't completely lame :).
Mood: Proud
Music: Nothing playing right now