我如何使这个简单的shellcode c程序从终端编译?
[英]How do I make this simple shellcode c program compile from terminal?
问题描述
I am trying to compile this using the terminal on ubuntu 12: 
我正在尝试使用ubuntu 12上的终端进行编译:
#include <stdio.h>
#include <stdlib.h>
main()
{
/*declare argument array*/
char *args[2];
args[0] = “/bin/bash”;
args[1] = NULL;
execve(args[0], args, NULL);
exit(0);
}
I found this example on http://www.securitytube.net/video/235 which also happened to be the one Aleph One used in 'Smashing the Stack for Fun and Profit'. 我在http://www.securitytube.net/video/235上找到了此示例,该示例也恰好是“为乐趣和利润而粉碎堆栈”中使用的Aleph One。 I am aware that much has changed since then. 我知道从那以后发生了很大的变化。 In more simple examples I have used: 在更简单的示例中,我使用了:
gcc -ggdb -mpreferred-stack-boundary=2 -fno-stack-protector filename filename.c gcc -ggdb -mpreferred-stack-boundary = 2 -fno-stack-protector filename filename.c
Other times I may include the static utility. 其他时候,我可能会包括static实用程序。 It has worked up until I have tried to compile the C code above. 在我尝试编译上面的C代码之前,它已经奏效了。 The message I receive from the terminal is: 我从终端收到的消息是:
ss@ss-laptop:~$ gcc -static -mpreferred-stack-boundary=2 -fno-stack-protector -o shell shell.c
shell.c: In function ‘main’:
shell.c:9:2: error: stray ‘\342’ in program
shell.c:9:2: error: stray ‘\200’ in program
shell.c:9:2: error: stray ‘\234’ in program
shell.c:9:15: error: expected expression before ‘/’ token
shell.c:9:15: error: stray ‘\342’ in program
shell.c:9:15: error: stray ‘\200’ in program
shell.c:9:15: error: stray ‘\235’ in program
ss@ss-laptop:~$
I understand that this is a very simple example and that this error is probably caused by current standard security measures in linux but I would like to get around them to practise with this example and more in the future. 我知道这是一个非常简单的示例,并且该错误可能是由linux中当前的标准安全措施引起的,但是我希望绕开它们,在以后的示例中进行实践。 If anyone can help, it would be 'smashing'. 如果有人可以提供帮助,那将是“粉碎”。
cheers 干杯
3 个解决方案
解决方案1
4 已采纳 2012-07-04 19:23:35
You have "smart" quotes around your string literal, 您的字符串文字周围有“智能”引号,
“/bin/bash”;
try using ordinary quotes " . 尝试使用普通引号" 。
解决方案2
2 2012-07-04 19:23:11
I think that this has nothing to do with security and instead is the following line: 我认为这与安全性无关,而是以下几行:
args[0] = “/bin/bash”;
The quote characters you're using to delimit the string are not the standard ASCII quote character; 您用来分隔字符串的引号字符不是标准的ASCII引号字符; instead, they're pretty Unicode characters for quotes. 相反,它们是引号的漂亮Unicode字符。
Try rewriting this as 尝试将其重写为
args[0] = "/bin/bash";
by replacing the quote characters with fresh double-quotes. 通过用新的双引号替换引号字符。
As an aside - it's provably impossible for the compiler to detect all programs that might launch a shellcode. 顺便说一句-证明编译器不可能检测到可能启动shellcode的所有程序。 I would be shocked if any standard compiler would do anything at all to stop programs from compiling due to security holes. 如果由于安全漏洞,任何标准编译器会采取任何措施阻止程序编译,我会感到震惊。
Hope this helps! 希望这可以帮助!
解决方案3
0 2012-07-05 08:53:36
Thanks for the rapid responses everyone. 感谢大家的迅速反应。 I have learned a few things: 我学到了一些东西:
1) Copy and paste is stupid 1)复制和粘贴是愚蠢的
2) Dont copy and paste 2)不要复制粘贴
3) check my quotation marks anyway 3)仍然检查我的引号
The answer was the quotation marks. 答案是引号。 I deleted and typed them again. 我删除并再次输入。 *Sigh. *叹。
Cheers 干杯
I'm a newb - I'm the first one to admit it. 我是新手-我是第一个承认它的人。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.