Metasploit mailing list archives
Creating Shellcode
From: tyronmiller at gmail.com (Ty Miller)
Date: Fri, 8 Feb 2008 07:16:46 +1100
Thanks mate ... I'll check out the links. I am currently developing on Linux and am making library calls, which was one reason why I was turning to Hellkit since it apparently provides a bunch of inlined syscalls. So, would you recommend that I merge all of my functions into the main function so that I can use Hellkit? (taking into account that this is my first attempt at writing shellcode)

On 2/8/08, H D Moore <hdm at metasploit.com> wrote:

The objdump output does not equal shellcode, especially if you make *any* library calls. On Linux and BSD, you can avoid library calls by going directly to inlined syscalls in your C code; however, on Windows, you really need to access functions inside kernel32 to make any progress. Unless you write your C code very carefully (and essentially mimic what most Windows shellcode does with regards to finding the base of kernel32), it just won't work. There are a few options available for doing this properly:

- InlineEgg - http://oss.coresecurity.com/projects/inlineegg.html
- MOSDEF - http://immunitysec.com/resources-freesoftware.shtml
- METASM - http://metasm.cr0.org/ (C compiler is new, not sure if it does Windows yet)

-HD

On Thursday 07 February 2008, macubergeek at comcast.net wrote:

I just ran objdump -Dslx against nc.exe on a Linux box. It seems to work ok. Can you see any reason why objdump wouldn't work properly against windows executables as well as Linux binaries?
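As an added example (not code from anyone in the thread), here is the Linux approach HD Moore refers to: a `write` and a `getpid` implemented as inlined syscalls in C, with no libc call, so the compiled object carries no external symbol references that objdump output would silently depend on. It assumes x86-64 Linux and uses the `syscall` instruction directly; on any other platform it falls back to libc's `syscall()` purely so the file still compiles.

```c
#include <stddef.h>
#include <errno.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Three-argument raw syscall. On x86-64 Linux the kernel ABI is:
 * rax = syscall number, rdi/rsi/rdx = args, result in rax,
 * and the kernel clobbers rcx and r11. A negative return is -errno;
 * nothing here touches the libc errno variable. */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
#if defined(__linux__) && defined(__x86_64__)
    long ret;
    __asm__ volatile ("syscall"
                      : "=a"(ret)
                      : "a"(nr), "D"(a1), "S"(a2), "d"(a3)
                      : "rcx", "r11", "memory");
    return ret;
#else
    /* Fallback for other platforms only: this IS a library call and
     * defeats the point of the example; it exists so the file builds. */
    long ret = syscall(nr, a1, a2, a3);
    return ret < 0 ? -errno : ret;
#endif
}

/* Even strlen() is a library call, so the string length is computed
 * by hand to keep the code free of external references. */
static size_t raw_strlen(const char *s)
{
    size_t n = 0;
    while (s[n] != '\0')
        n++;
    return n;
}

/* Writes a NUL-terminated string to fd via the raw write syscall.
 * Returns the byte count written, or -errno on failure (e.g. -EBADF). */
long raw_write_str(int fd, const char *s)
{
    return raw_syscall3(SYS_write, fd, (long)s, (long)raw_strlen(s));
}

/* getpid via the raw syscall; compare against libc's getpid() to
 * confirm the inlined path reaches the same kernel service. */
long raw_getpid(void)
{
    return raw_syscall3(SYS_getpid, 0, 0, 0);
}
```

After compiling with `gcc -c`, `nm -u` on the object shows no undefined symbols on x86-64 Linux, which is the property a libc-linked build of the same logic lacks.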