Dailydave mailing list archives
RE: Shellcode
From: "Dave Korn" <dave.korn () artimi com>
Date: Tue, 29 Nov 2005 19:06:20 -0000
Dave Korn wrote:
The .text section of a program is protected read-only when the executable file image is loaded into memory.
You need to place your shellcode into either the .data section, the heap (by mallocing and copying it there), or the stack.
... or, of course, you could first call VirtualProtect(Ex) to change the readonly protection on the page to readwrite ... ... although, that will of course leave you with the problem of how to get the function address of VirtualProtect without first having to write a zero to the end of a string that says "VirtualProtectN" ... cheers, DaveK -- Can't think of a witty .sigline today....
Current thread:
- Shellcode Pedro E (Nov 29)
- RE: Shellcode Dave Korn (Nov 29)
- RE: Shellcode Dave Korn (Nov 29)
- Re: Shellcode Alexander Sotirov (Nov 29)
- Re: Shellcode Isaac Dawson (Nov 29)
- Re: Shellcode Dave Aitel (Nov 29)
- Re: Shellcode H D Moore (Nov 29)
- Re: Shellcode halvar (Nov 30)
- RE: Shellcode Dafydd Stuttard (Nov 30)
- Re: Shellcode halvar (Nov 30)
- Re: HOLY GOD WE ARE SO OLD Matt Hargett (Nov 30)
- Re: Shellcode Isaac Dawson (Nov 29)
- Re: Shellcode halvar (Nov 30)
- Re: Shellcode Dustin D. Trammell (Nov 30)
- RE: Shellcode Dave Korn (Nov 29)