From owner-freebsd-hackers@FreeBSD.ORG  Sat Mar  6 12:31:59 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4F39016A4CE
	for <freebsd-hackers@freebsd.org>;
	Sat,  6 Mar 2004 12:31:59 -0800 (PST)
Received: from smtp.des.no (flood.des.no [217.116.83.31])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1B25243D2F
	for <freebsd-hackers@freebsd.org>;
	Sat,  6 Mar 2004 12:31:59 -0800 (PST)	(envelope-from des@des.no)
Received: by smtp.des.no (Pony Express, from userid 666)
	id DA27E530E; Sat,  6 Mar 2004 21:31:57 +0100 (CET)
Received: from dwp.des.no (des.no [80.203.228.37])
	by smtp.des.no (Pony Express) with ESMTP
	id ED766530A; Sat,  6 Mar 2004 21:31:51 +0100 (CET)
Received: by dwp.des.no (Postfix, from userid 2602)
	id 791F333CA4; Sat,  6 Mar 2004 21:31:51 +0100 (CET)
To: Anthony Schneider <anthony@x-anthony.com>
References: <4048CA38.6040203@yahoo.com>
	<20040305233209.GO67801@wantadilla.lemis.com>
	<20040306142651.314430be@bear.bflony.adelphia.net>
	<20040306202517.GA8384@x-anthony.com>
From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=)
Date: Sat, 06 Mar 2004 21:31:51 +0100
In-Reply-To: <20040306202517.GA8384@x-anthony.com> (Anthony Schneider's
 message of "Sat, 6 Mar 2004 15:25:17 -0500")
Message-ID: <xzpllmdu37s.fsf@dwp.des.no>
User-Agent: Gnus/5.090024 (Oort Gnus v0.24) Emacs/21.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on flood.des.no
X-Spam-Level: 
X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.63
cc: freebsd-hackers@freebsd.org
cc: chungwei Hsiung <chsiung2@buffalo.edu>
Subject: Re: Strange instructions in compiler output
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Mar 2004 20:31:59 -0000

Anthony Schneider <anthony@x-anthony.com> writes:
> On Sat, Mar 06, 2004 at 02:26:51PM +0000, chungwei Hsiung wrote:
> > gcc -o shellcode -ggdb -static shellcode.c
> try compiling with the -static flag the gcc.

Reading is fast becoming a lost art...

Anyway, here's the code for execve():

08048224 <__sys_execve>:
 8048224:       b8 3b 00 00 00          mov    $0x3b,%eax
 8048229:       cd 80                   int    $0x80
 804822b:       72 ef                   jb     804821c <main+0x3c>
 804822d:       c3                      ret
 804822e:       90                      nop
 804822f:       90                      nop

exciting, huh?  oh, and the code that calls it:

 8048201:       6a 00                   push   $0x0
 8048203:       8d 45 f8                lea    0xfffffff8(%ebp),%eax
 8048206:       50                      push   %eax
 8048207:       ff 75 f8                pushl  0xfffffff8(%ebp)
 804820a:       e8 15 00 00 00          call   8048224 <__sys_execve>
 804820f:       83 c4 10                add    $0x10,%esp

DES
--=20
Dag-Erling Sm=F8rgrav - des@des.no