Security Basics mailing list archives
Re: Shellcode jmp problem
From: Claes Nyberg <md0claes () mdstud chalmers se>
Date: Fri, 17 Oct 2003 01:17:22 +0200 (MET DST)
It's not really the same instruction, compare the first byte "\xe9" and "\xeb".
Use the instruction reference to look up the difference
(http://www.mdstud.chalmers.se/~md0claes/IntelInstrSet.pdf) :-)

You could also push the string onto the stack and save the value of esp,
since that's the address to your string.

    pushl $0x68732f2f   # 'hs//' (Little endian)
    pushl $0x6e69622f   # 'nib/'
    movl %esp,%ebx      # Address to pushed string saved in ebx

// CMN

On Thu, 16 Oct 2003, Darragh O'Brien wrote:
> Hi,
>
> I'm having trouble trying to recreate Aleph One's shellcode. My initial jmp
> generates 5 bytes \xe9\x19\x00\x00\x00 but Aleph One's jmp only generates
> two \xeb\x19 - I'd be grateful if someone could tell me where I'm going wrong.
>
> Thanks,
> Darragh
------------------------------------------------------------------------------
Citation :
The number of UNIX installations has grown to 10, with more expected.
_The UNIX Programmer's Manual_, Second Edition, June, 1972
------------------------------------------------------------------------------
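Added example, not part of the original posts: a small C decoder for the two encodings compared in this thread, "jmp rel8" (opcode 0xEB) and "jmp rel32" (opcode 0xE9). It shows that both byte sequences carry the same displacement, 0x19, and differ only in instruction length. The function and struct names are made up for this illustration, and 32-bit operand size is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded form of an x86 (32-bit mode) unconditional relative jmp. */
struct jmp_info {
    int length;     /* bytes occupied by the instruction, 0 if not a jmp */
    int32_t disp;   /* signed displacement from the END of the instruction */
};

/* Decode "jmp rel8" (0xEB) or "jmp rel32" (0xE9); hypothetical helper. */
struct jmp_info decode_jmp(const uint8_t *code, size_t n)
{
    struct jmp_info j = {0, 0};
    if (n >= 2 && code[0] == 0xEB) {            /* short form */
        j.length = 2;
        j.disp = (int8_t)code[1];               /* sign-extend 8 bits */
    } else if (n >= 5 && code[0] == 0xE9) {     /* near form */
        uint32_t d = (uint32_t)code[1] | (uint32_t)code[2] << 8 |
                     (uint32_t)code[3] << 16 | (uint32_t)code[4] << 24;
        j.length = 5;
        j.disp = (int32_t)d;                    /* little-endian rel32 */
    }
    return j;
}

/* Offset of the jump target, given the offset where the jmp itself starts. */
long jmp_target(long insn_offset, struct jmp_info j)
{
    return insn_offset + j.length + j.disp;
}

/* Encoding length a displacement requires: rel8 only covers -128..127. */
int shortest_jmp_length(long disp)
{
    return (disp >= -128 && disp <= 127) ? 2 : 5;
}

int main(void)
{
    const uint8_t near_form[]  = {0xE9, 0x19, 0x00, 0x00, 0x00}; /* bytes from the question */
    const uint8_t short_form[] = {0xEB, 0x19};                   /* bytes from the question */
    struct jmp_info a = decode_jmp(near_form, sizeof near_form);
    struct jmp_info b = decode_jmp(short_form, sizeof short_form);
    printf("E9: %d bytes, disp %d, target +%ld\n", a.length, (int)a.disp, jmp_target(0, a));
    printf("EB: %d bytes, disp %d, target +%ld\n", b.length, (int)b.disp, jmp_target(0, b));
    printf("shortest form for disp 0x19: %d bytes\n", shortest_jmp_length(0x19));
    return 0;
}
```
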
Current thread:
- Shellcode jmp problem Darragh O'Brien (Oct 16)
- Re: Shellcode jmp problem Claes Nyberg (Oct 16)
- Re: Shellcode jmp problem Karma (Oct 17)