Grand, cheers for the info. I was just testing the water to
see if anyone has experimented but seems like uncharted
territory. Thanks for the libc tip, I will take a look at it
and compare it to the Linux kernel results.
Most information out there is for SPARC but little for x86.
Maybe there are similarities, I'll keep looking.

Thanks again.
will

> 
> On Wed, 6 Jun 2007, James Carlson wrote:
> 
> > Will Dowling writes:
> >> I'm attempting to write some shellcode under Solaris,
> >> I'm running Solaris Nevada Build 55b on an x86 laptop.
> >
> > OK so far.
> >
> >> Now I'm assuming building and linking with nasm then
> >> finding the opcodes with objdump should work but even a
> >> simple piece of code segfaults.
> >
> > I assume by "nasm" you're referring to the "netwide
> > assembler" on sourceforge.
> >
> > What does that have to do with shell scripting?  (Does
> > "shellcode" mean something special here?)
> 
> Usually, the term "shellcode" is used for the machine code
> that's starting a root shell (hence "shellcode") when
> running e.g. a buffer overflow exploit.
> 
> It's an interesting educational experience to have it
> written yourself at least once.
> 
> If you're e.g. teaching programming, demonstrating to your
> pupils the perils of suid-root programs and strcpy()
> live-in-action is much more impressive and sticks better
> than simply talking about that.
> 
> If you're trying to hack, well, continue to try. The
> learning curve is steep for a reason ;-)
> 
> >
> >> I'm assuming it is much different to Linux due to the
> >> kernel. Can anyone point me in any direction for helpful
> >> resources?
> >
> > On Solaris, the documented system interfaces are
> > provided by libc.so.1 and related libraries.  We don't
> > document the system call interface, and it's not stable.
> 
> 32bit Linux/x86 shellcode will pass args in registers,
> while 32bit Solaris/x86 shellcode would have to pass it
> on the stack. In addition, the system call mechanism is
> different as well. The easiest way to figure out how
> Solaris system calls work is to disassemble libc, and see
> how that does it. Try it out :)
> 
> >
> > Are you trying to write your own system calls?
> 
> Given the term "shellcode", I'd doubt that :)
> 
> FrankH.
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code