
Re: shellcoding on gentoo



Hi Borja,


On Mon, Feb 20, 2006 at 01:56:45AM +0100, Borja wrote:
> Hi
> 
> Lots of people tell me that I did not properly zero the EAX register, so the
> 3 MSBs of eax are corrupt, trapping the syscall, but it's OK.
> I successfully ran the shellcodes on a Debian box, but on Gentoo they always
> SEGFAULT.
> 
> Here it is, a new log:
> 
> ------------------------------------------------------------------------------------------------------------------------------------------------------ 
> 
> petalo shellcode # cat 1.asm
> BITS 32
> 
> ;exit()
> xor eax,eax
> xor ebx,ebx
> mov eax,1
> int 0x80
> 
> petalo shellcode # nasm -g -f elf 1.asm
> petalo shellcode # ld 1.o
> ld: warning: cannot find entry symbol _start; defaulting to  00000000080480a0
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  The above line is self-explanatory: you forgot to add the _start symbol to
  your assembler program to let ld do its work properly. I suggest that you
  write your assembler programs in a more standard way (to avoid problems
  with different distros, etc.), like this:

  $ cat new1.asm
  section .text
  global  _start

  _start:
      xor     ebx,ebx ;= mov ebx,0                         | 31 db
      mov     al,1    ;= mov eax,1, since eax is already 0 | b0 01
      int     0x80    ;                                    | cd 80

  If you forget to add the _start symbol the linker doesn't know where it
  has to start reading the code (instructions). This program should work on
  any Linux distro.
  Then:
  $ nasm -f elf new1.asm
  and get the opcodes.

  I hope that this helps you.
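As an added example (not part of this thread, and not something either poster ran), here is a small Python check for the point made in the reply: it parses the ELF32 object that `nasm -f elf` writes, lists the symbols it exports so you can see whether `_start` is there before ld complains, and dumps the `.text` bytes as opcodes. `build_object` is an assumption for offline use only: it constructs a minimal stand-in relocatable with the same section layout instead of running nasm.

```python
import struct

SHDR = "<10I"    # Elf32_Shdr: name, type, flags, addr, offset, size, link, info, addralign, entsize
SYM = "<IIIBBH"  # Elf32_Sym: name, value, size, info, other, shndx

def _cstr(buf, off):
    return buf[off:buf.index(b"\0", off)].decode()           # NUL-terminated string at buf[off]

def sections(elf):
    """Section name -> header tuple, read from the ELF32 section header table."""
    (shoff,) = struct.unpack_from("<I", elf, 32)                 # e_shoff
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", elf, 46)
    hdrs = [struct.unpack_from(SHDR, elf, shoff + i * shentsize) for i in range(shnum)]
    names = hdrs[shstrndx][4]                                    # file offset of .shstrtab
    return {_cstr(elf, names + h[0]): h for h in hdrs}

def symbol_names(elf):
    """Names in .symtab resolved through .strtab; this is where ld looks for _start."""
    secs = sections(elf)
    sym, strtab = secs[".symtab"], secs[".strtab"][4]
    names = [_cstr(elf, strtab + struct.unpack_from(SYM, elf, off)[0])
             for off in range(sym[4], sym[4] + sym[5], 16)]
    return [n for n in names if n]                               # drop the null entry

def has_entry(elf):
    return "_start" in symbol_names(elf)     # False means ld will warn and pick a default entry

def text_opcodes(elf):
    """The .text bytes as hex, i.e. the opcodes the reply says to pull out of the object."""
    h = sections(elf)[".text"]
    return elf[h[4]:h[4] + h[5]].hex(" ")

def build_object(text, names):
    """Constructed minimal ELF32 relocatable (stand-in for `nasm -f elf` output, test data only)."""
    shstr = b"\0.text\0.shstrtab\0.symtab\0.strtab\0"
    strtab, symtab = b"\0", b"\0" * 16                            # both start with a null entry
    for n in names:
        symtab += struct.pack(SYM, len(strtab), 0, 0, 0x10, 0, 1)  # STB_GLOBAL, defined in .text
        strtab += n.encode() + b"\0"
    bodies = [text, shstr, symtab, strtab]
    offs = [52 + sum(map(len, bodies[:i])) for i in range(5)]    # body offsets; offs[4] is e_shoff
    ehdr = b"\x7fELF\x01\x01\x01" + b"\0" * 9 + struct.pack(
        "<HHIIIIIHHHHHH", 1, 3, 1, 0, 0, offs[4], 0, 52, 0, 0, 40, 5, 2)  # ET_REL, EM_386, 5 shdrs
    shdrs = b"\0" * 40                                            # index 0: null section header
    shdrs += struct.pack(SHDR, 1, 1, 6, 0, offs[0], len(text), 0, 0, 16, 0)     # .text
    shdrs += struct.pack(SHDR, 7, 3, 0, 0, offs[1], len(shstr), 0, 0, 1, 0)     # .shstrtab
    shdrs += struct.pack(SHDR, 17, 2, 0, 0, offs[2], len(symtab), 4, 1, 4, 16)  # .symtab -> .strtab
    shdrs += struct.pack(SHDR, 25, 3, 0, 0, offs[3], len(strtab), 0, 0, 1, 0)   # .strtab
    return ehdr + b"".join(bodies) + shdrs
```

Fed an object built from the quoted 1.asm (which never declares `_start`), `symbol_names` comes back without it, matching the ld warning above; the new1.asm version exports it and `text_opcodes` gives the `31 db b0 01 cd 80` bytes noted in the reply.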