Metasploit mailing list archives
A little offtopic: Get EIP
From: warl0ck at metaeye.org (Pranay Kanwar)
Date: Tue, 26 Jun 2007 15:08:01 +0530
Hi,

This happens because now being in kernel mode the addressing changes due to the different setup of segment registers.

Also, call 0x0 will point the call instruction to the next byte:

0x08048335 <main+17>: call 0x8048336 <main+18>
0x0804833a <main+22>: pop %eax

(gdb) x/x 0x08048335
0x8048335 <main+17>: 0xfffffce8

Instead, the following should do things right:

    call peip
peip:
    pop %eax

0x08048335 <main+17>: call 0x804833a <main+22>
0x0804833a <main+22>: pop %eax

(gdb) x/x 0x08048335
0x8048335 <main+17>: 0x000000e8

Also no need for manual editing of addresses.

Regards
warl0ck // MSG
http://www.metaeye.org
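As an added illustration of the encoding difference shown in the message above (example code written for this archive page, not part of the original post), the following C program encodes and decodes the x86 E8 rel32 near call, reproduces the two gdb x/x words using the <main+17> address quoted in the post, and flags the case where the call target lies inside the call instruction itself. The displacement bytes are computed, not captured; only the addresses come from the post.

```c
#include <stdint.h>
#include <stdio.h>

/* A near relative CALL on x86 is opcode E8 followed by a little-endian 32-bit
 * displacement measured from the END of the 5-byte instruction. */
#define CALL_REL32_LEN 5

/* Encode a CALL at insn_addr that lands on target; returns the displacement. */
int32_t encode_call_rel32(uint32_t insn_addr, uint32_t target, uint8_t out[5]) {
    int32_t disp = (int32_t)(target - (insn_addr + CALL_REL32_LEN));
    out[0] = 0xE8;
    for (int i = 0; i < 4; i++)
        out[1 + i] = (uint8_t)((uint32_t)disp >> (8 * i));
    return disp;
}
/* Decode the target of a CALL rel32 at insn_addr; returns 0 if not an E8 call. */
int decode_call_rel32(uint32_t insn_addr, const uint8_t in[5], uint32_t *target) {
    if (in[0] != 0xE8) return 0;
    uint32_t disp = (uint32_t)in[1] | (uint32_t)in[2] << 8 |
                    (uint32_t)in[3] << 16 | (uint32_t)in[4] << 24;
    *target = insn_addr + CALL_REL32_LEN + disp; /* wraps mod 2^32 like the CPU */
    return 1;
}
/* The "call 0x0" quirk from the post: the target lies inside the call's own bytes. */
int call_lands_inside_itself(uint32_t insn_addr, const uint8_t in[5]) {
    uint32_t target;
    if (!decode_call_rel32(insn_addr, in, &target)) return 0;
    return target >= insn_addr && target < insn_addr + CALL_REL32_LEN;
}
/* First dword of the instruction as gdb's "x/x" prints it (little-endian). */
uint32_t first_dword_le(const uint8_t *b) {
    return (uint32_t)b[0] | (uint32_t)b[1] << 8 | (uint32_t)b[2] << 16 |
           (uint32_t)b[3] << 24;
}
int main(void) {
    const uint32_t call_at = 0x08048335; /* <main+17>, address taken from the post */
    uint8_t buf[5];
    uint32_t target;
    /* Bad case: displacement -4, the call lands one byte into itself. */
    encode_call_rel32(call_at, call_at + 1, buf);
    decode_call_rel32(call_at, buf, &target);
    printf("call 0x0 : x/x 0x%08x target 0x%08x inside=%d\n", (unsigned)first_dword_le(buf),
           (unsigned)target, call_lands_inside_itself(call_at, buf));
    /* Good case: call peip with peip right after it, displacement 0. */
    encode_call_rel32(call_at, call_at + CALL_REL32_LEN, buf);
    decode_call_rel32(call_at, buf, &target);
    printf("call peip: x/x 0x%08x target 0x%08x inside=%d\n", (unsigned)first_dword_le(buf),
           (unsigned)target, call_lands_inside_itself(call_at, buf));
    return 0;
}
```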