HTTPGETでも使えてPort2001のShellがあくようなShellCodeだそうです・・・

* Bind /bin/sh to TCP port 2001. Calls setuid(0) so /bin/sh won't
* drop privileges. Has no space (0x20) or '?' (0x3f) characters, so
* it may be used in an HTTP GET request. For Solaris/SPARC.