Dailydave mailing list archives

Shellcode

From: "Pedro E" <pedro () enzona com>
Date: Tue, 29 Nov 2005 11:20:36 -0300

Hi All!

I'm looking from some orientation to write a specific shellcode,
I think that is a simple problem but I can find a solution.

I have to execute a simple shellcode using hard coded addresses with amsgbox:

LibraryReturn:
      pop ecx                         ;get the library string

mov [ecx + 10], dl ;MY PROBLEM is this line I don't havethe right permissions to modify the NULL value and finish the string

      mov ebx, 0x79470221             ;LoadLibraryA(libraryname);
      push ecx                        ;beginning of user32.dll

call ebx ;eax will hold the module handlejmp short FunctionName

xxx
..

..

GetLibrary:
      call LibraryReturn

db 'user32.dllN'There is other way to set the null value? I can't modify the memory when iexecute the shellcode.

Anybody have any tip to bypase this problem?
Thanks a lot.

Pedro Ezcueti.

Shellcode Pedro E (Nov 29)
- RE: Shellcode Dave Korn (Nov 29)
  - RE: Shellcode Dave Korn (Nov 29)
- Re: Shellcode Alexander Sotirov (Nov 29)
  - Re: Shellcode Isaac Dawson (Nov 29)
    - Re: Shellcode Dave Aitel (Nov 29)
    - Re: Shellcode H D Moore (Nov 29)
    - Re: Shellcode halvar (Nov 30)
    - RE: Shellcode Dafydd Stuttard (Nov 30)
    - Re: Shellcode halvar (Nov 30)
    - Re: HOLY GOD WE ARE SO OLD Matt Hargett (Nov 30)

(Thread continues...)