How to open bash from executable?
Question
I am trying to open a bash shell (in Linux) from inside a C or C++ executable. I tried both languages but the compiled executable is more than 4kb because of the libraries needed to make a system call.
I need to make the executable less or equal to 4Kb. How can i do that?
2 answers
solution1
2 ACCPTED 2012-01-29 07:53:44
Did you stripped your program? This example code gives less than 4K both with C and C++:
$ cat shell.c
#include <stdlib.h>
int main() {
system("echo hello");
return 0;
}
$ gcc -o shell shell.c
$ strip -s shell
$ ./shell
hello
$ du -b shell
2836 shell
$ g++ -o shell shell.c
$ strip -s shell
$ ./shell
hello
$ du -b shell
3216 shell
Of course you can make executable even smaller. Write it in asm and do not link any libraries.
solution2
2 2012-01-29 07:54:05
If all you need to do is exec a shell, compiling
#include<unistd.h>
int main(){
static char* bash[] = {"/bin/bash", NULL};
execv(*bash, bash);
}
With dietlibc as diet -Os gcc test.c yields an executable of 2929 bytes. Stripping the binary with strip a.out yields 1464 bytes. This also has the benefit of being statically linked, which is appropriate for an exploit.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.