Strange instructions in compiler output
chungwei Hsiung
chsiung2 at buffalo.edu
Sat Mar 6 12:43:46 PST 2004
thanks for the reply
compile the code by
gcc -o shellcode -ggdb -static shellcode.c
actually giving me the code you showed below
I still don't understand it because we are supposed to pass in the op code 0xb to %eax, and arguments to %ebx, %ecx, and %edx before calling the interrupt, but I can't see any of those instructions anywhere. Did I miss anything?
best regards,
Chungwei
On Sat, 06 Mar 2004 21:31:51 +0100
des at des.no (Dag-Erling Smørgrav) wrote:
> Anthony Schneider <anthony at x-anthony.com> writes:
> > On Sat, Mar 06, 2004 at 02:26:51PM +0000, chungwei Hsiung wrote:
> > > gcc -o shellcode -ggdb -static shellcode.c
> > try compiling with the -static flag to gcc.
>
> Reading is fast becoming a lost art...
>
> Anyway, here's the code for execve():
>
> 08048224 <__sys_execve>:
>  8048224:  b8 3b 00 00 00    mov    $0x3b,%eax
>  8048229:  cd 80             int    $0x80
>  804822b:  72 ef             jb     804821c <main+0x3c>
>  804822d:  c3                ret
>  804822e:  90                nop
>  804822f:  90                nop
>
> exciting, huh? oh, and the code that calls it:
>
>  8048201:  6a 00             push   $0x0
>  8048203:  8d 45 f8          lea    0xfffffff8(%ebp),%eax
>  8048206:  50                push   %eax
>  8048207:  ff 75 f8          pushl  0xfffffff8(%ebp)
>  804820a:  e8 15 00 00 00    call   8048224 <__sys_execve>
>  804820f:  83 c4 10          add    $0x10,%esp
>
> DES
> --
> Dag-Erling Smørgrav - des at des.no
>