Re: Shellcode questions

From: sin (sininsolence.net)
Date: Thu Jun 05 2003 - 13:08:23 CDT



All 'shellcode' is, is the character string (traditionally) containing the
hex opcodes for processor-specific instructions. If you used gcc to create
the assembly for your shellcode, then yes, it could/would change if a newer
version of gcc was used, or if a newer version of the kernel is there
*AND* somewhere in there the system calls changed; regardless, the
instructions wouldn't change because the processors are the same.
You might want to skip gcc altogether and just use plain assembly. The
method you use to make system calls (I won't get into syscalls w/ >6 args)
is that you put the system call number into the eax register, then the
first arg into ebx, 2nd into ecx, and so on; then call int 80. Your return
value will be in eax:

xorl %ebx, %ebx     # ebx = 0, first argument (ruid)
xorl %ecx, %ecx     # ecx = 0, second argument (euid)
xorl %eax, %eax     # clear eax so the byte move below sets the whole register
movb $0x46, %al     # eax = 0x46 = setreuid; an 8-bit move must target %al, not %eax
int $0x80           # enter the kernel; the return value comes back in eax

That is the code for a setreuid system call; then all you need to do is
call execve.
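As an added example (not part of the original post), a tiny decoder for the few x86 instructions used in the snippet above, which walks the raw byte string and recovers the system call it would make, the way an analyst checks what an unknown shellcode does. The byte strings are constructed by hand-assembling that snippet; the syscall numbers are the Linux i386 ones, and a second constructed variant shows why the 8-bit move is preferred over `movl $0x46, %eax`.

```python
# Register index order used by x86 opcode/ModRM encodings
REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
# Linux i386 syscall numbers mentioned in the post (assumed table)
SYSCALLS = {11: "execve", 70: "setreuid"}


def emulate(code: bytes):
    """Decode the subset: xorl reg,reg / movb imm8,r8 / movl imm32,r32 / int 0x80.
    Returns a list of (syscall name, ebx, ecx, edx) for every int $0x80 reached."""
    regs = {r: 0 for r in REGS}
    calls = []
    i = 0
    while i < len(code):
        op = code[i]
        if op == 0x31:                              # xorl %src, %dst (31 /r)
            modrm = code[i + 1]
            if modrm >> 6 != 3:
                raise ValueError("only register-direct xor is supported")
            src, dst = REGS[(modrm >> 3) & 7], REGS[modrm & 7]
            regs[dst] ^= regs[src]
            i += 2
        elif 0xB0 <= op <= 0xB3:                    # movb $imm8, %al/%cl/%dl/%bl
            r = REGS[op - 0xB0]
            regs[r] = (regs[r] & 0xFFFFFF00) | code[i + 1]
            i += 2
        elif 0xB8 <= op <= 0xBF:                    # movl $imm32, %reg
            regs[REGS[op - 0xB8]] = int.from_bytes(code[i + 1:i + 5], "little")
            i += 5
        elif op == 0xCD and code[i + 1] == 0x80:    # int $0x80: eax = number
            name = SYSCALLS.get(regs["eax"], f"syscall_{regs['eax']}")
            calls.append((name, regs["ebx"], regs["ecx"], regs["edx"]))
            i += 2
        else:
            raise ValueError(f"unsupported opcode 0x{op:02x} at offset {i}")
    return calls


def has_nul(code: bytes) -> bool:
    """A NUL byte terminates C string copies, so it usually truncates shellcode."""
    return b"\x00" in code


# Constructed: hand-assembled bytes of the corrected snippet from the post
SETREUID_SHELLCODE = bytes([
    0x31, 0xDB,   # xorl %ebx, %ebx
    0x31, 0xC9,   # xorl %ecx, %ecx
    0x31, 0xC0,   # xorl %eax, %eax
    0xB0, 0x46,   # movb $0x46, %al
    0xCD, 0x80,   # int $0x80
])
# Constructed: same call using movl $0x46, %eax (b8 46 00 00 00) -> contains NULs
NAIVE_VARIANT = bytes([0x31, 0xDB, 0x31, 0xC9, 0xB8, 0x46, 0x00, 0x00, 0x00, 0xCD, 0x80])
```

Both byte strings decode to the same setreuid(0, 0) call, but only the first is free of NUL bytes.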