;nasm -f elf64 pepsi.asm
;ld -s -o pepsi pepsi.o
;for i in $(objdump -d pepsi|grep "^ " |cut -f2); do echo -n '\x'$i; done; echo
;gcc pepsi.c -o pepsi -fno-stack-protector -z execstack -no-pie
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.2 LTS
Release: 16.04
Codename: xenial
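#include <stdio.h>
#include <string.h>

/*
 * Test payload: 50 bytes of position-independent x86-64 Linux code in a
 * jmp/call/pop layout, ending with the message it prints. Decoded by hand
 * from the bytes below:
 *
 *   offset  0  eb 1e            jmp  to the call at offset 32
 *   offset  2  5e               pop  rsi         ; rsi = address of the message
 *   offset  3  48 31 c0         xor  rax, rax
 *   offset  6  b0 01            mov  al, 1       ; syscall 1 = write
 *   offset  8  48 89 c7         mov  rdi, rax    ; fd 1 = stdout
 *   offset 11  48 89 fa         mov  rdx, rdi
 *   offset 14  48 83 c2 0e      add  rdx, 0x0e   ; length = 1 + 14 = 15
 *   offset 18  0f 05            syscall
 *   offset 20  48 31 c0         xor  rax, rax
 *   offset 23  48 83 c0 3c      add  rax, 0x3c   ; syscall 60 = exit
 *   offset 27  48 31 ff         xor  rdi, rdi    ; exit status 0
 *   offset 30  0f 05            syscall
 *   offset 32  e8 dd ff ff ff   call offset 2    ; pushes the message address
 *   offset 37  "Pepsi World!\n"                  ; 13 bytes
 *
 * NOTE(review): the write length is 15 but the message is 13 bytes, so the
 * syscall also emits the array's terminating NUL and one byte that lies past
 * the end of the array. The bytes are kept exactly as published; the length
 * looks like it should be corrected in pepsi.asm (not shown here) and the
 * array regenerated from it.
 *
 * The array is deliberately neither const nor static: it sits in writable
 * data, which is only executable because of the linker option on the gcc
 * line. This harness overflows nothing, so the other two options on that
 * line (no stack protector, no PIE) look unnecessary for the test - confirm
 * before dropping them. On newer x86-64 kernels an executable-stack marking
 * may no longer make data pages executable, in which case the call below
 * faults instead of running the payload.
 */
unsigned char shellcode[] =
    "\xeb\x1e\x5e\x48\x31\xc0\xb0\x01\x48\x89"
    "\xc7\x48\x89\xfa\x48\x83\xc2\x0e\x0f\x05"
    "\x48\x31\xc0\x48\x83\xc0\x3c\x48\x31\xff"
    "\x0f\x05\xe8\xdd\xff\xff\xff\x50\x65\x70"
    "\x73\x69\x20\x57\x6f\x72\x6c\x64\x21\x0a";

/*
 * Harness entry point: jumps into the byte array above as if it were a
 * function. The payload ends with an exit syscall, so control is not
 * expected to come back here; the return only keeps main well-formed.
 * Build and run this in a throwaway VM or container, since it needs memory
 * protections switched off.
 */
int main(void)
{
    /* Converting a data pointer to a function pointer is outside ISO C;
     * it is relied on here as a platform (POSIX-style) extension. */
    int (*entry)(void) = (int (*)(void))shellcode;

    entry();
    return 0;
}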
🙂