i now think that elf format is a portable format..and
it doesnt contain machine dependent opcodes...and the
kernel uses a seperate interpreter to convert the ELF
into native machine code...i suppose that is why i am
not seeing my opcodes in the object file...(i tried
readelf and objdump)..am i right ?
then about ur blog
i didnt get much of that....
char shellcode[]="\x31\xdb\xb\x01\xcd\x80";
int main(int argc,char *argv[])
{ int *ret;
*((char**)(&ret+8))=shellcode;
}
would u b kind enough to explain what happens in this
program...
is this the meathod used for buffer overflow
attacks..??
regards MAX
--- amitesh singh <[EMAIL PROTECTED]> wrote:
> Try this link.....
> it will help u I guess
> http://www.aplawrence.com/Blog/B1081.html
>
> Regards
> Amitesh Singh
>
> amitesh singh <[EMAIL PROTECTED]> wrote:
> Hey
>
> dump ur object file using "objdump -d a.out" or
> using "readelf"
> it will show the machine codes equivalent to ur
> program instruction..
>
> r u intrested in writing SHELLCODES?
>
>
>
> MAX <[EMAIL PROTECTED]> wrote:
> hi all...i am some what new to linux .and today i
> tried some assembly programming in linux..i used
> NASM
> to write a simple program...and assembled it into
> ELF.....but when i use Hexeditor to view the
> generated
> oblect file i cant see the corresponding opcodes in
> the ELF file...like if i have written MOV
> EAX,10..which have opcode 66 67.. ( i thnk so).i
> cant
> see these pattern in the object file...can any one
> tell me why i this..i searched the net for ELF
> formats...but i am not happy with results...is there
> any good resource in net that describes elf...and
> other formats in linux and how they r
>
implemented..........................................bye
> MAX
>
>
>
> _______________________________
> Do you Yahoo!?
> Express yourself with Y! Messenger! Free. Download
> now.
> http://messenger.yahoo.com
>
>
> To unsubscribe, send a blank message to
> <mailto:[EMAIL PROTECTED]>.
>
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete - You start. We
> finish.
>
> To unsubscribe, send a blank message to
> <mailto:[EMAIL PROTECTED]>.
>
>
> Yahoo! Groups SponsorADVERTISEMENT
>
>
> ---------------------------------
> Yahoo! Groups Links
>
> To visit your group on the web, go to:
> http://groups.yahoo.com/group/c-prog/
>
> To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> Your use of Yahoo! Groups is subject to the
> Yahoo! Terms of Service.
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Read only the mail you want - Yahoo! Mail SpamGuard.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
To unsubscribe, send a blank message to <mailto:[EMAIL PROTECTED]>.
| Yahoo! Groups Sponsor | |
|
|
Yahoo! Groups Links
- To visit your group on the web, go to:
http://groups.yahoo.com/group/c-prog/
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
