shellcode Questions
2
Solved
I am trying to convert an assembly program I wrote into NULL-free shellcode.
However, I am unsure how to go about this for certain instructions.
Some of them (in Intel syntax) include:
push 0x1000
...
Leucoplast asked 28/7, 2011 at 3:57
4
I wrote a simple ASM file and ran it in a C file I'd written. I got a segmentation fault. However, when I execute the compiled ASM file, I get no error.
I am running 64 bit and using 32 bit shellco...
Sales asked 9/1, 2014 at 21:9
7
Solved
I want a simple C method to be able to run hex bytecode on a Linux 64 bit machine. Here's the C program that I have:
char code[] = "\x48\x31\xc0";
#include <stdio.h>
int main(int argc, char ...
3
Solved
I'm trying to execute shellcode within a Go program, similar to how you can do it with other languages.
Example 1 - Shellcode in C program
Example 2 - http://www.debasish.in/2012/04/execute-shel...
Carbrey asked 15/5, 2015 at 15:38
5
I want to exploit a stack based buffer overflow for education purposes.
There is a typical function called with a parameter from main, which is given as input from the program a local buffer where...
Hemorrhage asked 5/1, 2012 at 11:11
2
Is it possible to concatenate bytes to str?
>>> b = b'this is bytes'
>>> s = 'this is string'
>>> b + s
Traceback (most recent call last):
File "<stdin>"...
7
Solved
WARNING: This is an exploit. Do not execute this code.
//shellcode.c
char shellcode[] =
"\x31\xc0\x31\xdb\xb0\x17\xcd\x80"
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
"\...
5
I've been working on some exploit development recently to get ready for a training course, and I've run into a problem with a tutorial. I've been following along with all the tutorials I can find, ...
1
Solved
A prior related question was answered. Thank you! However this creates a new question for me. Why does nasm put data bytes at two different memory locations? I include program information and other...
1
Solved
I'm learning to write a simple shell code using assembly. I get a Segment fault when the mov opcode executes to write over the db data. Why? Any guidance appreciated! Debugging with gdb confirms th...
4
Can anyone help me on a Python reverse shell one-liner for Windows (has to be windows one-liner).
I am trying to modify the one for Linux which I have used many times but this is my first time for...
3
Solved
I have some sample code from a shell code payload showing a for loop and using push/pop to set the counter:
push 9
pop ecx
Why can it not just use mov?
mov ecx, 9
1
Solved
I'm trying to write a decoder stub and I'm running into a restriction on 0xFF as a bad character. I'm using the jmp-call-pop method to get the address of my encoded shellcode into a register. Here'...
Gawky asked 21/4, 2019 at 0:17
1
Solved
I have some example code here which I'm using to understand some C behaviour for a beginner's CTF:
// example.c
#include <stdio.h>
void main() {
void (*print)();
print = getenv("EGG");...
6
I have a small program where I wish to pass shellcode as argument. In the shellcode, there is a necessity to pass \x00. I tried the following command:
./program `python -c 'print "\x01\x00\x00\x00...
Menorca asked 6/9, 2011 at 7:17
1
Solved
I am trying to execute the following with execve: /bin//nc -lnke /bin/bash -p 4444
When reading the man page for execve, I see the following requirements:
int execve(const char *filename, char *c...
6
Does anyone know of any online source that provides instruction alternatives to a NOP opcode ?
Like 'xchg ax, ax' and the likes. I'm pretty sure that there is also a tool for it, can someone point...
2
I am new to x86_64 assembly programming. I was writing simple "Hello World" program in x86_64 assembly. Below is my code, which runs perfectly fine.
global _start
section .data
msg: db "Hello t...
Pily asked 3/2, 2018 at 10:19
4
Solved
I've been learning computer security lately and come across a couple problems, and I'm having some trouble with this one in particular.
I'm given a function with a fixed buffer I need to overflow...
Uppsala asked 1/5, 2013 at 19:58
1
Solved
Even though both the programs abide by relative addressing instructions required for shellcode execution, and both print the desired message on execution, the 2nd Sample fails when used as a shellc...
2
Solved
I don't quite understand how variables can be stored in the text section and how they can be manipulated. Shouldn't all variables be in the .data section and aren't all part of the .text section re...
1
Solved
Is there some tool to disassemble a raw hex into assembly instructions? For example: let's say we have \xeb\x1d that disassemble into jmp 0x1f according to this online disassembler. So is ther...
Fleck asked 27/6, 2017 at 13:41
1
Solved
I'm trying to place and execute program-code into a shared-memory region. Initializing and allocating the shared memory as well as copying the shellcode into the "new" memory works as intende...
Effusive asked 8/5, 2017 at 14:7
2
Solved
I played around with buffer overflows on Linux (amd64) and tried exploiting a simple program, but it failed. I disabled the security features (address space layout randomization with sysctl -w kern...
Virtual asked 18/5, 2010 at 16:24
1
Solved
I am confused with the syscall of __NR_execve. When I learn linux system call. The correct way that I know to use execve is like this:
char *sc[2];
sc[0]="/bin/sh";
sc[1]= NULL;
execve(sc[0],sc...
Rapscallion asked 17/4, 2016 at 7:23