Austin Howard fgsahoward
fgsahoward
/ shell3_64_debugging3
Created
June 11, 2018 15:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (gdb) x/xb $r8+7 | |
| 0x4000b1 <shell+12>: 0x41 |
fgsahoward
/ shell3_64_debugging2
Created
June 11, 2018 15:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [howard@sterling bin]$ ps aux | grep shell3 | |
| howard 2799 0.0 0.8 74464 25656 pts/2 S+ 09:10 0:00 gdb -q bin/shell3_64 | |
| howard 2801 0.0 0.0 160 16 pts/2 t 09:10 0:00 /home/howard/repos/bof/shellcodes/bin/shell3_64 | |
| howard 2806 0.0 0.0 11052 2168 pts/1 S+ 09:12 0:00 grep shell3 | |
| [howard@sterling bin]$ cat /proc/2801/maps | |
| 00400000-00401000 r-xp 00000000 08:02 1443291 /home/howard/repos/bof/shellcodes/bin/shell3_64 | |
| 7ffff7ffa000-7ffff7ffd000 r--p 00000000 00:00 0 [vvar] | |
| 7ffff7ffd000-7ffff7fff000 r-xp 00000000 00:00 0 [vdso] | |
| 7ffffffde000-7ffffffff000 rwxp 00000000 00:00 0 [stack] | |
| ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] |
fgsahoward
/ shell3_64_debugging1
Created
June 11, 2018 15:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [howard@sterling shellcodes]$ gdb -q bin/shell3_64 | |
| Reading symbols from bin/shell3_64...(no debugging symbols found)...done. | |
| (gdb) r | |
| Starting program: /home/howard/repos/bof/shellcodes/bin/shell3_64 | |
| Program received signal SIGSEGV, Segmentation fault. | |
| 0x0000000000400088 in system_call () | |
| (gdb) disas system_call | |
| Dump of assembler code for function system_call: | |
| 0x000000000040007e <+0>: mov (%rsp),%r8 |
fgsahoward
/ shell3_64.s
Created
June 11, 2018 15:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # shell3_64.s - Executes "/bin/sh" | |
| # Compile and Link: | |
| # gcc -c shell3_64.s | |
| # ld -o shell3_64 shell3_64.o | |
| .global _start | |
| .text | |
| _start: | |
| xor %rdi, %rdi |
fgsahoward
/ shell3_32.s
Created
June 11, 2018 15:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # shell3_32.s - Executes "/bin/sh" | |
| # Compile and Link: | |
| # gcc -c shell3_32.s -m32 | |
| # ld -o shell3_32 -melf_i386 shell3_32.o | |
| .global _start | |
| .text | |
| _start: | |
| # push a NULL byte |
fgsahoward
/ shell2_64_disassembly
Created
June 11, 2018 15:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [howard@sterling shellcodes]$ objdump -Dz obj/shell2_64.o | |
| obj/shell2_64.o: file format elf64-x86-64 | |
| Disassembly of section .text: | |
| 0000000000000000 <_start>: | |
| 0: 55 push %rbp | |
| 1: 48 89 e5 mov %rsp,%rbp |
fgsahoward
/ shell2_64.s
Created
June 11, 2018 15:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # shell2_64.s - Executes "/bin/sh" | |
| # Compile and Link: | |
| # gcc -c shell2_64.s | |
| # ld -o shell2_64 shell2_64.o | |
| .text | |
| .global _start | |
| _start: | |
| push %rbp |
fgsahoward
/ shell2_32_disassembly
Created
June 11, 2018 15:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [howard@sterling shellcodes]$ gcc -c shell2_32.s -o obj/shell2_32.o -m32 | |
| [howard@sterling shellcodes]$ objdump -Dz obj/shell2_32.o | |
| obj/shell2_32.o: file format elf32-i386 | |
| Disassembly of section .text: | |
| 00000000 <_start>: | |
| 0: 55 push %ebp |
fgsahoward
/ shell2_32.s
Created
June 11, 2018 15:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # shell2_32.s - Executes "/bin/sh" | |
| # Compile and Link: | |
| # gcc -c shell2_32.s -m32 | |
| # ld -o shell2_32 -melf_i386 shell2_32.o | |
| .text | |
| .global _start | |
| _start: | |
| push %ebp |
fgsahoward
/ shell1_32_disassembly
Created
June 11, 2018 15:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [howard@sterling shellcodes]$ gcc -c shell1_32.s -m32 -o obj/shell1_32.o | |
| [howard@sterling shellcodes]$ ld -melf_i386 -o bin/shell1_32 obj/shell1_32.o | |
| [howard@sterling shellcodes]$ objdump -Dz bin/shell1_32 | |
| bin/shell1_32: file format elf32-i386 | |
| Disassembly of section .text: | |
| 08048074 <_start>: |