Metasploit mailing list archives
Creating Shellcode
From: lajjr at yahoo.com (Leo Jackson)
Date: Fri, 8 Feb 2008 06:32:07 -0800 (PST)
HD Moore, in BT2 final it has a GUI for making exploits, an IDE. What happened to it?

--- H D Moore <hdm at metasploit.com> wrote:
The objdump output does not equal shellcode, especially if you make *any* library calls. On Linux and BSD, you can avoid library calls by going directly to inlined syscalls in your C code, however, on Windows, you really need to access functions inside kernel32 to make any progress. Unless you write your C code very carefully (and essentially mimic what most Windows shellcode does with regards to finding the base of kernel32), it just won't work.

There are a few options available for doing this properly:

InlineEgg - http://oss.coresecurity.com/projects/inlineegg.html
MOSDEF - http://immunitysec.com/resources-freesoftware.shtml
METASM - http://metasm.cr0.org/ (C compiler is new, not sure if it does Windows yet)

-HD

On Thursday 07 February 2008, macubergeek at comcast.net wrote:

I just ran objdump -Dslx against nc.exe on a Linux box. It seems to work ok. Can you see any reason why objdump wouldn't work properly against windows executables as well as Linux binaries?
Leo Albert Jackson Jr Owner Head Programmer LJ's Electronics and Software
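A quick way to check the point HD makes above before lifting bytes out of a disassembly, added here as an example and not part of the thread or of any of the listed tools: a small Python parser over `objdump -d` output (AT&T syntax) that flags, per function, calls through PLT/IAT import stubs, branches that leave the function, and rip-relative references into other sections. The sample disassembly is constructed, and the function and symbol names in it are assumptions; the lifted bytes are only worth trusting when the returned list is empty.

```python
import re

# Constructed sample of `objdump -d` output (AT&T syntax); not taken from the thread.
SAMPLE_OBJDUMP = """\
0000000000001149 <main>:
    1149:  55                     push   %rbp
    114a:  48 8d 3d b0 0e 00 00   lea    0xeb0(%rip),%rdi   # 2001 <_IO_stdin_used+0x1>
    1151:  e8 da fe ff ff         call   1030 <puts@plt>
    1156:  5d                     pop    %rbp
    1157:  c3                     ret

0000000000001160 <exit_syscall>:
    1160:  b8 3c 00 00 00         mov    $0x3c,%eax
    1165:  31 ff                  xor    %edi,%edi
    1167:  0f 05                  syscall
"""

HEADER = re.compile(r"^([0-9a-f]+) <([^>]+)>:\s*$")
INSN = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s)+)\s*(\S+)?\s*(.*?)\s*$")

def parse_functions(text):
    """Group objdump lines by function: name -> {start, end, insns, code bytes}."""
    funcs, cur = {}, None
    for line in text.splitlines():
        if h := HEADER.match(line):
            cur = funcs[h.group(2)] = {"start": int(h.group(1), 16), "insns": [], "code": b""}
            continue
        if cur is None or not (m := INSN.match(line)):
            continue
        addr, raw, mnem, ops = m.groups()
        cur["code"] += bytes.fromhex(raw)   # the bytes someone would lift out as "shellcode"
        if mnem:                             # wrapped lines carry only more opcode bytes
            cur["insns"].append((int(addr, 16), mnem, ops))
    for f in funcs.values():
        f["end"] = f["start"] + len(f["code"])
    return funcs

def find_external_refs(func):
    """Instructions that only work inside the original image: imports, branches out, rip-relative data."""
    lo, hi, issues = func["start"], func["end"], []
    for addr, mnem, ops in func["insns"]:
        branch = re.match(r"([0-9a-f]+)\b", ops) if mnem.startswith(("call", "jmp")) else None
        data = re.search(r"#\s*([0-9a-f]+)\b", ops) if "(%rip)" in ops else None
        if "@plt" in ops or "__imp_" in ops:
            issues.append(f"{addr:x}: {mnem} goes through a library import ({ops})")
        elif branch and not lo <= int(branch.group(1), 16) < hi:
            issues.append(f"{addr:x}: {mnem} targets code outside the function")
        if data and not lo <= int(data.group(1), 16) < hi:
            issues.append(f"{addr:x}: rip-relative access to data outside the blob")
    return issues
```

On the sample, `main` is reported twice (the string in `.rodata` and the `puts@plt` call), while `exit_syscall` comes back clean because it reaches the kernel directly, which is the Linux/BSD route HD describes.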