From c9cbeced5b3f2bdd7407e29c0811e65954132540 Mon Sep 17 00:00:00 2001
From: Root THC
Date: Tue, 24 Feb 2026 12:42:47 +0000
Subject: initial
---
exploits/7350wurm/shellcode/codedump.c | 93 ++++++++++++++++++++++++++++++++++
1 file changed, 93 insertions(+)
create mode 100644 exploits/7350wurm/shellcode/codedump.c
(limited to 'exploits/7350wurm/shellcode/codedump.c')
diff --git a/exploits/7350wurm/shellcode/codedump.c b/exploits/7350wurm/shellcode/codedump.c
new file mode 100644
index 0000000..9494b9e
--- /dev/null
+++ b/exploits/7350wurm/shellcode/codedump.c
@@ -0,0 +1,93 @@
+/* shellcode extraction utility,
+ * by type / teso, small mods by scut.
+ */
+
+
+#include
+#include
+#include
+
+#ifdef IRIX
+#include
+#endif
+
+#ifdef HPUX
+extern char * cbegin;
+extern char * cend;
+#else
+extern void cbegin ();
+extern void cend ();
+#endif
+
+typedef void (* fptr)(void);
+
+int
+bad (unsigned char u);
+
+
+int
+main (int argc, char *argv[])
+{
+ int i,
+ bbytes = 0;
+ unsigned char * buf = (unsigned char *) cbegin;
+
+ unsigned char ebuf[1024];
+ fptr ebuf_p = (fptr) &ebuf[0];
+
+
+ fprintf (stderr, "/* %lu byte shellcode */\n",
+ (unsigned long int) cend - (unsigned long int) cbegin);
+
+ for (i = 0 ; buf < (unsigned char *) cend; ++buf) {
+ if (i % 12 == 0 && buf > (unsigned char *) cbegin)
+ printf ("\n");
+ if (i % 12 == 0)
+ printf ("\"");
+
+ if (bad (*buf & 0xff)) {
+ printf ("_\\x%02x_", *buf & 0xff);
+ bbytes += 1;
+ } else {
+ printf ("\\x%02x", *buf & 0xff);
+ }
+
+ if (++i >= 12) {
+ i = 0;
+ printf ("\"");
+ }
+ }
+ if (i % 12 == 0)
+ printf (";\n");
+ else
+ printf ("\";\n");
+
+ printf("\n");
+
+ fprintf (stderr, "bad bytes = %d\n", bbytes);
+
+ if (argc > 1) {
+ memcpy (ebuf, cbegin, (unsigned long int) cend -
+ (unsigned long int) cbegin);
+#ifdef IRIX
+ memcpy (ebuf + ((unsigned long int) cend -
+ (unsigned long int) cbegin), "/bin/sh\x42_ABCDEFGHIJKLMNOPQRSTUVWXYZ", 40);
+ cacheflush (ebuf, sizeof (ebuf), BCACHE);
+#endif
+ ebuf_p ();
+ }
+
+ exit (EXIT_SUCCESS);
+}
+
+
+int
+bad (unsigned char u)
+{
+ if (u == '\x00' || u == '\x0a' || u == '\x0d' || u == '\x25')
+ return (1);
+
+ return (0);
+}
+
+
-- cgit v1.3
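Review bot: The `memcpy` into `ebuf` inside the `if (argc > 1)` branch of `main` copies `cend - cbegin` bytes with no check against the 1024-byte array, so a larger assembled blob overruns the stack buffer in the tool itself. A guard before the copy such as `if ((unsigned long int) cend - (unsigned long int) cbegin > sizeof (ebuf)) exit (EXIT_FAILURE);` would fail cleanly instead, and under `IRIX` the bound has to leave room for the 40 appended bytes as well. That IRIX `memcpy` also reads 40 bytes from a string literal that appears to be 36 bytes long including its terminator, which is an out-of-bounds read. A comment on the `argc > 1` test should state that any command-line argument switches the tool from printing to running the copied bytes, since `argv` is never inspected.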