Created
June 18, 2015 14:25
-
-
Save mykiimike/6edef9f383b751871522 to your computer and use it in GitHub Desktop.
Find the bug
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * -( nemo2.c )- | |
| * | |
| * 2015 | |
| * | |
| */ | |
| #include <stdio.h> | |
| #include <sys/mman.h> | |
| #include <stdlib.h> | |
| #include <unistd.h> | |
| #include <sys/types.h> | |
| #include <fcntl.h> | |
| #include <openssl/sha.h> | |
| //0000000: 9090 9090 9090 9090 9090 9090 9090 9090 ................ | |
| //0000010: 9090 9090 c30a ...... | |
| #define DAHASH "dff3f88ce2a59972f0c84a4d730519ebfd591f9d0d4bfeb6970f1114a217c1fe" | |
| int main(int ac, char **av) | |
| { | |
| int i,fd; | |
| long *mapped; | |
| void (*fp)(); | |
| char md[SHA256_DIGEST_LENGTH]; | |
| char ascii_hash[SHA256_DIGEST_LENGTH * 2]; | |
| if(ac != 2) { | |
| printf("usage: %s <shellcode file>\n",av[0]); | |
| exit(1); | |
| } | |
| if((fd = open(av[1],O_RDONLY)) == -1) { | |
| printf("[!] error: failed to open\n"); | |
| exit(1); | |
| } | |
| if((mapped = mmap(NULL, 0x1000, PROT_READ|PROT_EXEC, MAP_SHARED, fd, 0)) == -1) { | |
| printf("[!] error: mmap failed\n"); | |
| exit(1); | |
| } | |
| if(!SHA256(mapped, 0x1000,&md)) { | |
| printf("[!] error: could not create SHA256\n"); | |
| exit(1); | |
| } | |
| for(i = 0; i < SHA256_DIGEST_LENGTH; i++) { | |
| sprintf(&ascii_hash[i*2],"%02x", (unsigned char)md[i]); | |
| } | |
| printf("[+] Hash of input: %s\n",ascii_hash); | |
| if(strcmp(ascii_hash, DAHASH)) { | |
| printf("[!] error: hash did not match\n"); | |
| exit(1); | |
| } | |
| printf("[+] Match, executing payload\n"); | |
| fp = mapped; | |
| fp(); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment