Security Basics mailing list archives

Re: write-shellcode


From: D Adusumalli <asndpp () gmail com>
Date: Mon, 19 Oct 2009 11:38:25 +0530

Andrew,

Seems like you have not set the JMP instruction appropriately.


On Sat, Oct 10, 2009 at 7:44 PM, Andrew Fast0w <aur0spy () gmail com> wrote:
I am currently learning shellcoding. Am having a problem with the following:

The asm code is a simple write followed by an exit syscall. This is working
---------------------------------------------------------------------------------------------------------------
.text
.globl _start

       _start:
               jmp stringaddr

               ShellCode:
               popl %esi
               movb $0x4,%al
               movb $0x1,%bl
               movl %esi,%ecx
               movb $0x5,%dl
               int $0x80
               xorl %eax,%eax
               inc %eax
               xorl %ebx,%ebx
               inc %ebx
               inc %ebx
               int $0x80 #exit(2)

               stringaddr:
               Call ShellCode
               string: .ascii "r00t\n"
--------------------------------------------------------------------------------------------------
Converted the above to shellcode
-------------------------------------------------
char shellcode[]="\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";

int main()
{
       int *ret;
       ret=(int*)&ret + 2;
       (*ret)=(int)shellcode;
}
--------------------------------------------------------------------------------------------------
The shellcode is getting executed b/c the exit value of the program is 2.
But am not getting the output of the write syscall!

Can someone please explain why?


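Added example, not part of either post: a C check of the two relative branches in the byte string quoted above. It decodes the `jmp` rel8 and `call` rel32 displacements and reports whether the jmp/call/pop layout is self-consistent; the function names are illustrative.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Byte string copied from the post above. */
static const unsigned char sc[] =
    "\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40"
    "\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";
#define SC_LEN (sizeof sc - 1)   /* drop the literal's trailing NUL */

/* Target offset of a short jump (EB rel8) at offset off, or -1. */
long jmp_short_target(const unsigned char *p, size_t len, size_t off)
{
    if (len < 2 || off > len - 2 || p[off] != 0xeb)
        return -1;
    return (long)off + 2 + (int8_t)p[off + 1];
}

/* Target offset of a near call (E8 rel32, little endian) at off, or -1. */
long call_rel32_target(const unsigned char *p, size_t len, size_t off)
{
    if (len < 5 || off > len - 5 || p[off] != 0xe8)
        return -1;
    uint32_t d = (uint32_t)p[off + 1] | (uint32_t)p[off + 2] << 8 |
                 (uint32_t)p[off + 3] << 16 | (uint32_t)p[off + 4] << 24;
    return (long)off + 5 + (int32_t)d;
}

/* Returns 1 when the jmp lands on a call, the call lands on the byte after
 * the jmp, that byte is pop %esi (0x5e), and data bytes follow the call. */
int jmp_call_pop_consistent(const unsigned char *p, size_t len)
{
    long call_off = jmp_short_target(p, len, 0);
    if (call_off < 0 || (size_t)call_off >= len)
        return 0;
    long pop_off = call_rel32_target(p, len, (size_t)call_off);
    return pop_off == 2 && p[pop_off] == 0x5e && (size_t)call_off + 5 < len;
}

int main(void)
{
    long c = jmp_short_target(sc, SC_LEN, 0);
    printf("jmp -> %ld, call -> %ld, string offset %ld, consistent=%d\n",
           c, call_rel32_target(sc, SC_LEN, (size_t)c), c + 5,
           jmp_call_pop_consistent(sc, SC_LEN));
    return 0;
}
```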