writing shellcode: why my shellcode won't work?

I'm currently writing a shellcode that exploits a target program that uses the puts function. The program looks like this:

#include <stdio.h>
main() { char buf[123]; puts(gets(buf)); }

What I want to do is overflow this buffer and invoke execve with some arguments. I have a test program written in C/inline assembly that can invoke execve with some arguments, then I use gdb to get the shellcode from this program. From my understanding, the stack layout looks like this: |-------buffer(+padding)---------|---------sfp---------|------...

injecting shellcode

I have a .cmd file on a webserver with a variable user="...", vulnerable to buffer overflows. I can execute the .cmd file via ssh or via the web. Now I have this shellcode:

#include <stdio.h>
char sc[] = " ... ";
void main(void) { void (*s)(void); printf("size: %d\n", sizeof(sc)); s = sc; s(); }

My problem is, I don't know how this all plays together. I know what the assembler and the C code do, but how do I inject the code into the running cmd file?...

how can I convert assembly with extern function to shellcode in osx 64 intel

I want to convert this assembly program to shellcode. This program just creates a file; my purpose is how I should convert assembly to shellcode when I use an extern command in it. My assembly code is:

extern _fopen,_fclose
global main
section .text
main:
  xor r10,r10
  push r10
  mov r13, 0x6277
  push r13
  mov rsi,rsp
  push r10
  mov r13, 0x726964656b616d
  push r13
  mov rdi,rsp
  call _fopen
  mov r14, rax
  mov rdi, r14
  call _fclose
  mov rax, 0x2000001 ; exit
  mov rdi, 0
  syscall

I ...

shellcode - Shell code print character (64 bits)

I have a problem with this shell code. When I run the assembler code it prints the character, but when I call it as a function from C it does not. I used gdb to test all the instructions executed and it seems to execute all the instructions. It is very weird because I debugged both the asm and C versions and they do the same, but in the int 0x80 it prints nothing for the C code. This is the C code:

#include <stdio.h>
#include <sys/mman.h>
#include <string.h>
#include <stdlib.h>
int (*sc)();
/**********************************************...