Vulnerability Development mailing list archives
Re: asm shellcode techniques (especially relevant for win32)
From: RaiSe <raise () netsearch-ezine com>
Date: Thu, 6 Sep 2001 01:26:50 -0400 (EDT)
Generally I prefer to code a proof-o-concept this way (when possible):
[AAAAAAAAAAAAAA][EBP][EIP][SHELLCODE]
not this way:
[SHELLCODE][AAAAA][EBP][EIP]
Yes, but the first code has a problem. Look at this code:

**
#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
    char buffer[256];
    strcpy(buffer, argv[1]);   /* no bounds check: a long argv[1] overflows buffer */
    printf("%s", argv[2]);     /* argv is read again after the copy */
}
**

If you put the shellcode after [EIP], you will overwrite argc and argv, so printf will cause a segfault. I think that it is better to put the shellcode before [EBP] and [EIP] when it is possible.

==============-----------------------------==============
RaiSe
UNDERSEC Security Team / http://www.undersec.com
NetSearch Ezine Staff / http://www.netsearch-ezine.com
ysfk>2{5~~2s~eska2~}dw2k}g<<< XOR 18
==============-----------------------------==============
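Added example, not part of the original message: a model of the frame of the main() quoted above, showing which slots an unbounded strcpy reaches for a given input length, next to a bounded copy that rejects oversized input. It assumes a 32-bit x86 frame with no padding and no stack protector (real compilers may lay the frame out differently); struct frame, clobbered and copy_checked are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout (illustrative): locals, then saved EBP/EIP, then arguments. */
struct frame {
    char     buffer[256];
    uint32_t saved_ebp;
    uint32_t saved_eip;
    uint32_t argc;
    uint32_t argv;        /* 32-bit pointer modelled as an integer */
};

enum { HIT_EBP = 1, HIT_EIP = 2, HIT_ARGC = 4, HIT_ARGV = 8 };

/* Slots written by strcpy(buffer, s) when strlen(s) == len.
   strcpy also writes the terminating NUL, so len + 1 bytes land in the frame. */
unsigned clobbered(size_t len)
{
    size_t end = len + 1;   /* offset one past the last byte written */
    unsigned hit = 0;
    if (end > offsetof(struct frame, saved_ebp)) hit |= HIT_EBP;
    if (end > offsetof(struct frame, saved_eip)) hit |= HIT_EIP;
    if (end > offsetof(struct frame, argc))      hit |= HIT_ARGC;
    if (end > offsetof(struct frame, argv))      hit |= HIT_ARGV;
    return hit;
}

/* Hardened copy: refuse input that does not fit rather than overflow or truncate. */
int copy_checked(char *dst, size_t dstsz, const char *src)
{
    size_t n = strlen(src);
    if (n >= dstsz)
        return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

int main(void)
{
    /* Constructed lengths: fits, ends at saved EIP, and runs past it. */
    size_t lens[] = { 255, 263, 264, 268 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len %zu -> mask 0x%x\n", lens[i], clobbered(lens[i]));
    return 0;
}
```

In this model an input of exactly 264 bytes ends at the saved EIP, yet the terminating NUL still lands on the low byte of argc while argv stays intact; any longer input reaches argv, which is the crash described in the message.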