Security Basics mailing list archives

write-shellcode


From: Andrew Fast0w <aur0spy () gmail com>
Date: Sat, 10 Oct 2009 19:44:50 +0530

I am currently learning shellcoding. Am having a problem with the following:

The asm code is a simple write followed by an exit syscall. This is working
---------------------------------------------------------------------------------------------------------------
.text
.globl _start

        _start:
                jmp stringaddr

                ShellCode:
                popl %esi
                movb $0x4,%al
                movb $0x1,%bl
                movl %esi,%ecx
                movb $0x5,%dl
                int $0x80
                xorl %eax,%eax
                inc %eax
                xorl %ebx,%ebx
                inc %ebx
                inc %ebx
                int $0x80 #exit(2)

                stringaddr:
                Call ShellCode
                string: .ascii "r00t\n"
--------------------------------------------------------------------------------------------------
Converted the above to shellcode
-------------------------------------------------
char shellcode[]="\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";

int main()
{
        int *ret;
        ret=(int*)&ret + 2;
        (*ret)=(int)shellcode;
}
--------------------------------------------------------------------------------------------------
The shellcode is getting executed b/c the exit value of the program is 2.
But am not getting the output of the write syscall!

Can someone please explain why?
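
The register state each `int $0x80` in the posted byte string sees can be traced with a small model. This is an added example, not code from the original post: `trace`, `struct sys` and the starting value 0xbffff000 are constructed for illustration, and it assumes the standalone binary starts with zeroed registers while the C wrapper reaches the bytes with leftover values in them.

```c
#include <stdint.h>
#include <stdio.h>
/* Byte string copied from the post; offsets stand in for addresses. */
static const uint8_t sc[] =
    "\xeb\x14\x5e\xb0\x04\xb3\x01\x89\xf1\xb2\x05\xcd\x80\x31\xc0\x40"
    "\x31\xdb\x43\x43\xcd\x80\xe8\xe7\xff\xff\xff\x72\x30\x30\x74\x0a";
enum { EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI };   /* x86 register numbers */
struct sys { uint32_t eax, ebx, ecx, edx; };       /* registers at an int $0x80 */

/* Hypothetical helper: models only the opcodes used above, with every register
 * starting at `init`. Records each int $0x80 in out[] and returns the count. */
int trace(uint32_t init, struct sys *out, int max)
{
    uint32_t r[8], ret = 0, ip = 0;  /* ret: the one stack slot call/pop share */
    int n = 0;
    for (int i = 0; i < 8; i++) r[i] = init;
    while (ip + 4 < sizeof sc && n < max) {
        uint8_t op = sc[ip], b = sc[ip + 1];
        if (op == 0xeb) {                          /* jmp rel8 */
            ip += 2 + (int8_t)b;
        } else if (op == 0xe8) {                   /* call rel32 (little-endian) */
            ret = ip + 5;
            ip = ret + (b | sc[ip+2] << 8 | sc[ip+3] << 16 | (uint32_t)sc[ip+4] << 24);
        } else if (op == 0x5e) {                   /* popl %esi */
            r[ESI] = ret; ip += 1;
        } else if (op >= 0xb0 && op <= 0xb3) {     /* movb $imm8,%al/%cl/%dl/%bl */
            r[op - 0xb0] = (r[op - 0xb0] & ~0xffu) | b; ip += 2;  /* low byte only */
        } else if (op == 0x89 && b == 0xf1) {      /* movl %esi,%ecx */
            r[ECX] = r[ESI]; ip += 2;
        } else if (op == 0x31 && (b == 0xc0 || b == 0xdb)) {   /* xorl %r,%r */
            r[b & 7] = 0; ip += 2;
        } else if (op >= 0x40 && op <= 0x47) {     /* inc %r32 */
            r[op - 0x40]++; ip += 1;
        } else if (op == 0xcd && b == 0x80) {      /* int $0x80 */
            out[n++] = (struct sys){ r[EAX], r[EBX], r[ECX], r[EDX] };
            if (r[EAX] == 1) break;                /* exit: nothing runs after it */
            ip += 2;
        } else break;                              /* opcode outside the model */
    }
    return n;
}
int main(void)
{
    struct sys s[2];
    uint32_t init[] = { 0, 0xbffff000u };  /* constructed: zeroed vs. leftover values */
    for (int k = 0; k < 2; k++)
        for (int i = 0, n = trace(init[k], s, 2); i < n; i++)
            printf("init=%08x eax=%08x ebx=%08x ecx=%08x edx=%08x\n", (unsigned)init[k],
                   (unsigned)s[i].eax, (unsigned)s[i].ebx, (unsigned)s[i].ecx, (unsigned)s[i].edx);
    return 0;
}
```

With zeroed registers the first `int $0x80` sees eax=4, ebx=1, edx=5; with leftover upper bytes eax is not 4, so the kernel does not treat the call as write. The `xorl` instructions before the second `int $0x80` clear eax and ebx completely, which is why exit(2) is correct in both runs.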
