Re: shellcoding on gentoo

[security () spinfoo net]

Hi Borja,


On Mon, Feb 20, 2006 at 01:56:45AM +0100, Borja wrote:
> Hi
>
> Lot of ppl tell me that I did not proper zero the EAX register,so 3 MSB 
> of eax corrupt trapping the syscall, but Its OK.
> I successfully run the shellcodes on a debian box,but in gentoo,allways 
> SEGFAULT.
>
> There is it, a new log:
>
> ------------------------------------------------------------------------------------------------------------------------------------------------------
>  
>
> petalo shellcode # cat 1.asm
> BITS 32
>
> ;exit()
> xor eax,eax
> xor ebx,ebx
> mov eax,1
> int 0x80
>
> petalo shellcode # nasm -g -f elf 1.asm
> petalo shellcode # ld 1.o
> ld: warning: cannot find entry symbol _start; defaulting to  00000000080480a0
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  The above line is self-explanatory, you forget add _start symbol to
  your assembler program to let ld do its work properly, i suggest you
  that write your assembler programs in a more standard way (to avoid
  problems with diferent distros, etc), that's it:

  $ cat new1.asm
  Section .text
        global  _start

  _start:
        xor     ebx,ebx ;= mov ebx,0 | 31 db
        mov     al,1    ;= mov eax,1 | b0 01
        int     0x80    ;            | cd 80
                                  

  If you forget add _start symbol the linker don't know when it has to
  start to read the code(instruccions). This program should work on any
  linux distro.
  Then:
  $ nasm -f elf new1.asm
  and get OPcodes.

  I hope that this helps you.