Vulnerability Development mailing list archives

Re: extracting shellcode from an execve binary.


From: corecode <corecode () corecode ath cx>
Date: Mon, 17 Sep 2001 20:24:50 +0000

actually i wrote a (more or less) simple perl script exactly for that purpose

it takes advantage of the fact that objdump can disassemble files.
i could only test this on intel, but it should work for other systems too unless the output of objdump is different

check this http://www.eikon.tum.de/~simons/security/od2c

basically, it takes one (or several) labels as parameters.

these symbols will be cut out of the objdump input and will be written to nice c char[] arrays.

one thing you should be aware of is to use non-public jump labels (like gcc does): .Lhere: instead of here:

cheerz
  corecode

At 10:32 AM 8/28/2000, KF wrote:
Attached is the asm code for execve of /bin/sh in PowerPC linux.
The code compiles and executes fine, however I am having trouble
extracting the shellcode from the binary... does anyone have any tips
for getting the shellcode in \x41\x41\x41\x41 format?

I have tried doing x/bx main, however I don't really know where to begin.
I have seen people start at x/bx main+4 and I have seen people
start at just x/bx main... which is correct? The next question is where
to stop?
-KF

--
http://www.eikon.tum.de/~simons/security/
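The od2c approach corecode describes (cut the objdump listing at its symbol labels and emit the bytes of each symbol as a C char[] array), as an added Python example that is neither the original perl script nor part of this thread. The objdump listing is constructed for the example and assumes the x86 `objdump -d` line layout (address, hex byte pairs, mnemonic), including the continuation lines objdump prints for long instructions.

```python
import re

# Constructed sample in the layout of `objdump -d` (not real program output).
SAMPLE_OBJDUMP = """\
sample.o:     file format elf32-i386

Disassembly of section .text:

00000000 <main>:
   0:\t31 c0                \txor    %eax,%eax
   2:\t50                   \tpush   %eax
   3:\tc7 80 78 56 34 12 78 \tmovl   $0x12345678,0x12345678(%eax)
   a:\t56 34 12 
   d:\tc3                   \tret    

0000000e <helper>:
   e:\t90                   \tnop
"""

# "00000000 <main>:" introduces a symbol; everything up to the next label belongs to it.
LABEL_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:\s*$")
# "addr:" followed by hex byte pairs; the mnemonic is optional because objdump
# wraps long instructions onto continuation lines that carry bytes only.
BYTES_RE = re.compile(r"^\s*[0-9a-f]+:\s+((?:[0-9a-f]{2}\b\s*)+)")


def split_symbols(objdump_text):
    """Map each symbol label in the listing to the raw bytes that follow it."""
    symbols, current = {}, None
    for line in objdump_text.splitlines():
        m = LABEL_RE.match(line)
        if m:
            current = m.group(1)
            symbols[current] = bytearray()
            continue
        m = BYTES_RE.match(line) if current else None
        if m:
            symbols[current] += bytes.fromhex("".join(m.group(1).split()))
    return {name: bytes(data) for name, data in symbols.items()}


def extract(objdump_text, labels):
    """Concatenate the bytes of the requested labels, in the order given."""
    symbols = split_symbols(objdump_text)
    missing = [name for name in labels if name not in symbols]
    if missing:
        raise KeyError("labels not found in listing: %s" % ", ".join(missing))
    return b"".join(symbols[name] for name in labels)


def to_c_array(name, data, per_line=8):
    """Render bytes as an escaped C char[] initialiser, per_line bytes per row."""
    rows = ["".join("\\x%02x" % b for b in data[i:i + per_line])
            for i in range(0, len(data), per_line)]
    body = "\n".join('    "%s"' % row for row in rows)
    return "char %s[] = /* %d bytes */\n%s;\n" % (name, len(data), body)


if __name__ == "__main__":
    print(to_c_array("code", extract(SAMPLE_OBJDUMP, ["main"])))
```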
