On Wed, 6 Jun 2007, James Carlson wrote:
> Will Dowling writes:
> > I'm attempting to write some shellcode under Solaris; I'm running Solaris
> > Nevada Build 55b on an x86 laptop.
>
> OK so far.
>
> > Now I'm assuming building and linking with nasm then finding the opcodes with
> > objdump should work, but even a simple piece of code segfaults.
>
> I assume by "nasm" you're referring to the "netwide assembler" on
> sourceforge.
>
> What does that have to do with shell scripting? (Does "shellcode"
> mean something special here?)

Usually, the term "shellcode" is used for the machine code that starts
a root shell (hence "shellcode") when running e.g. a buffer overflow
exploit.

It's an interesting educational experience to have written it yourself at
least once.

If you're e.g. teaching programming, demonstrating to your pupils the
perils of suid-root programs and strcpy() live-in-action is much more
impressive and sticks better than simply talking about that.

If you're trying to hack, well, continue to try. The learning curve is
steep for a reason ;-)

> > I'm assuming it is much different to Linux due to the Kernel. Can anyone point
> > me in any direction for helpful resources?
>
> On Solaris, the documented system interfaces are provided by libc.so.1
> and related libraries. We don't document the system call interface,
> and it's not stable.

32-bit Linux/x86 shellcode will pass args in registers, while 32-bit
Solaris/x86 shellcode would have to pass them on the stack. In addition, the
system call mechanism is different as well. The easiest way to figure out
how Solaris system calls work is to disassemble libc, and see how that
does it. Try it out :)

> Are you trying to write your own system calls?

Given the term "shellcode", I'd doubt that :)
FrankH.
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code