write-shellcode

I am currently learning shellcoding. Am having a problem with the following:

The asm code is a simple write followed by an exit syscall. This is working:
------------------------------------------------------------------------
.text
.globl _start

_start:
        jmp stringaddr

ShellCode:
        popl %esi
        movb $0x4,%al
        movb $0x1,%bl
        movl %esi,%ecx
        movb $0x5,%dl
        int $0x80
        xorl %eax,%eax
        inc %eax
        xorl %ebx,%ebx
        inc %ebx
        inc %ebx
        int $0x80               #exit(2)

stringaddr:
        Call ShellCode
string: .ascii "r00t\n"
------------------------------------------------------------------------
Converted the above to shellcode:
------------------------------------------------------------------------
char shellcode[]="\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";

int main()
{
        int *ret;
        ret=(int*)&ret + 2;
        (*ret)=(int)shellcode;
}
------------------------------------------------------------------------
The shellcode is getting executed b/c the exit value of the program is 2.
But am not getting the output of the write syscall!

Can someone please explain why?
Re: write-shellcode

Andrew,

Seems like you have not set the JMP instruction appropriately.

On Sat, Oct 10, 2009 at 7:44 PM, Andrew Fast0w <aur0spy@...> wrote:
> I am currently learning shellcoding. Am having a problem with the following:
>
> The asm code is a simple write followed by an exit syscall. This is working:
> ------------------------------------------------------------------------
> .text
> .globl _start
>
> _start:
>         jmp stringaddr
>
> ShellCode:
>         popl %esi
>         movb $0x4,%al
>         movb $0x1,%bl
>         movl %esi,%ecx
>         movb $0x5,%dl
>         int $0x80
>         xorl %eax,%eax
>         inc %eax
>         xorl %ebx,%ebx
>         inc %ebx
>         inc %ebx
>         int $0x80               #exit(2)
>
> stringaddr:
>         Call ShellCode
> string: .ascii "r00t\n"
> ------------------------------------------------------------------------
> Converted the above to shellcode:
> ------------------------------------------------------------------------
> char shellcode[]="\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";
>
> int main()
> {
>         int *ret;
>         ret=(int*)&ret + 2;
>         (*ret)=(int)shellcode;
> }
> ------------------------------------------------------------------------
> The shellcode is getting executed b/c the exit value of the program is 2.
> But am not getting the output of the write syscall!
>
> Can someone please explain why?
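
Added example, not part of either post: a small interpreter covering only the opcodes that occur in the posted byte string, which records the full 32-bit registers at each `int $0x80`. The names `trace` and `struct regs` are made up for this example, and the non-zero starting register value is constructed, since the thread does not show what `main()` leaves in the registers.

```c
#include <stdint.h>
#include <stdio.h>
/* Byte string exactly as posted in the thread. */
static const unsigned char shellcode[] =
    "\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40"
    "\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";
struct regs { uint32_t eax, ebx, ecx, edx; };

/* Interprets only the opcodes that occur above. Every register starts at
 * `init` (assumption: a stand-in for whatever main() left behind).
 * Addresses are offsets into shellcode[]. Fills out[] with the registers
 * seen at each int $0x80; returns how many were reached, or -1. */
int trace(uint32_t init, struct regs out[2])
{
    uint32_t eax = init, ebx = init, ecx = init, edx = init, esi = init;
    uint32_t ret = 0, pc = 0, n = sizeof shellcode - 1;
    int seen = 0;
    while (pc < n && seen < 2) {
        const unsigned char *p = shellcode + pc;
        switch (p[0]) {
        case 0xeb: pc += 2 + (int8_t)p[1]; break;               /* jmp rel8 */
        case 0xe8: ret = pc + 5;                                /* call rel32: push return address */
                   pc = ret + (p[1] | p[2] << 8 | p[3] << 16 | (uint32_t)p[4] << 24); break;
        case 0x5e: esi = ret; pc += 1; break;                   /* popl %esi */
        case 0xb0: eax = (eax & ~0xffu) | p[1]; pc += 2; break; /* movb imm8,%al: low byte only */
        case 0xb3: ebx = (ebx & ~0xffu) | p[1]; pc += 2; break; /* movb imm8,%bl */
        case 0xb2: edx = (edx & ~0xffu) | p[1]; pc += 2; break; /* movb imm8,%dl */
        case 0x89: ecx = esi; pc += 2; break;                   /* movl %esi,%ecx (89 f1) */
        case 0x31: if (p[1] == 0xc0) eax = 0; else ebx = 0; pc += 2; break; /* xorl reg,reg */
        case 0x40: eax++; pc += 1; break;                       /* inc %eax */
        case 0x43: ebx++; pc += 1; break;                       /* inc %ebx */
        case 0xcd: out[seen++] = (struct regs){eax, ebx, ecx, edx}; pc += 2; break; /* int $0x80 */
        default:   return -1;                                   /* opcode not in the posted bytes */
        }
    }
    return seen;
}

int main(void)
{
    const uint32_t inits[2] = { 0, 0x0804a040u };  /* second value is constructed */
    for (int i = 0; i < 2; i++) {
        struct regs s[2];
        if (trace(inits[i], s) != 2) return 1;
        printf("start=%08x  1st int: eax=%08x string@%u  2nd int: eax=%u ebx=%u\n", (unsigned)inits[i],
               (unsigned)s[0].eax, (unsigned)s[0].ecx, (unsigned)s[1].eax, (unsigned)s[1].ebx);
    }
    return 0;
}
```

In both runs the `jmp`/`call`/`pop` sequence leaves offset 27, the start of the string, in `%ecx`. With the non-zero start the first `int $0x80` is reached with `eax=0x0804a004` rather than 4, while the second is still reached with `eax=1, ebx=2`, which matches the exit status reported in the question.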