Run man 3 exit on Linux:
[root@localhost ~]# man 3 exit
Output:
NAME
       exit - cause normal process termination

SYNOPSIS
       #include <stdlib.h>

       void exit(int status);

DESCRIPTION
       The exit() function causes normal process termination and the value of status & 0377 is returned to the parent (see wait(2)).

       All functions registered with atexit(3) and on_exit(3) are called, in the reverse order of their registration. (It is possible for one of these functions to use atexit(3) or on_exit(3) to register an additional function to be executed during exit processing; the new registration is added to the front of the list of functions that remain to be called.) If one of these functions does not return (e.g., it calls _exit(2), or kills itself with a signal), then none of the remaining functions is called, and further exit processing (in particular, flushing of stdio(3) streams) is abandoned. If a function has been registered multiple times using atexit(3) or on_exit(3), then it is called as many times as it is registered.

       All open stdio(3) streams are flushed and closed. Files created by tmpfile(3) are removed.

       The C standard specifies two constants, EXIT_SUCCESS and EXIT_FAILURE, that may be passed to exit() to indicate successful or unsuccessful termination, respectively.

RETURN VALUE
       The exit() function does not return.
exit takes only one argument, the status. I generally set the status to 0; in C the call is:
exit(0);
The same call implemented in Linux assembly language:
; exit.asm
[section .text]
global _start
_start:
    xor eax, eax    ; zero out eax
    mov al, 1       ; exit is syscall 1
    xor ebx, ebx    ; zero out ebx (exit status 0)
    int 0x80        ; trap into the kernel
The system call number for exit is 1 and the status is 0, so EAX is set to 1 and EBX to 0, and then interrupt 0x80 is raised.
Compiling on Linux:
Linking:
This produces the exiter binary, which is then disassembled:
[root@localhost shellcode]# objdump -d exiter
Output:
exiter:     file format elf32-i386

Disassembly of section .text:

08048060 <_start>:
 8048060:	31 c0                	xor    %eax,%eax
 8048062:	b0 01                	mov    $0x1,%al
 8048064:	31 db                	xor    %ebx,%ebx
 8048066:	cd 80                	int    $0x80
So the shellcode is \x31\xc0\xb0\x01\x31\xdb\xcd\x80.
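The register state described above (EAX = 1, EBX = 0 when int 0x80 fires) can be confirmed from the bytes alone, without executing them. The C tracer below is an added example, not code from the original post; trace_int80 and its return codes are names invented here, and it understands only the three instruction encodings that occur in this shellcode.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The eight shellcode bytes from the page's objdump listing. */
static const uint8_t exit_sc[] = {0x31, 0xc0, 0xb0, 0x01, 0x31, 0xdb, 0xcd, 0x80};

/*
 * Step through code and stop at the first int 0x80, storing what EAX
 * (syscall number) and EBX (first argument) hold at that point.
 * Returns 1 at int 0x80, 0 if none is reached, -1 on an unsupported byte.
 * Only the three encodings this shellcode uses are understood:
 *   31 /r    xor r/m32, r32  (register-to-register form, mod == 11)
 *   b0+r ib  mov r8, imm8
 *   cd 80    int 0x80
 */
int trace_int80(const uint8_t *code, size_t len, uint32_t *eax, uint32_t *ebx)
{
    /* Encoding order: eax, ecx, edx, ebx, esp, ebp, esi, edi. Registers
       start as junk, because injected code cannot assume they are zero. */
    uint32_t reg[8];
    size_t i;
    for (i = 0; i < 8; i++)
        reg[i] = 0xAAAAAAAAu;
    for (i = 0; i + 1 < len; i += 2) { /* each supported instruction is 2 bytes */
        uint8_t op = code[i], arg = code[i + 1];
        if (op == 0x31 && (arg >> 6) == 3) {
            reg[arg & 7] ^= reg[(arg >> 3) & 7];   /* rm ^= reg */
        } else if ((op & 0xf8) == 0xb0) {
            int shift = (op & 4) ? 8 : 0;          /* al..bl, or ah..bh */
            uint32_t *r = &reg[op & 3];
            *r = (*r & ~(0xffu << shift)) | ((uint32_t)arg << shift);
        } else if (op == 0xcd && arg == 0x80) {
            *eax = reg[0];
            *ebx = reg[3];
            return 1;
        } else {
            return -1;
        }
    }
    return 0;
}

int main(void)
{
    uint32_t eax = 0, ebx = 0;
    int rc = trace_int80(exit_sc, sizeof exit_sc, &eax, &ebx);
    printf("rc=%d eax=%u ebx=%u\n", rc, (unsigned)eax, (unsigned)ebx);
    return rc == 1 ? 0 : 1;
}
```

Because the traced registers start as junk, the tracer also shows why xor eax, eax comes before mov al, 1: without it only the low byte of EAX would be set and the syscall number would not be 1.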