Shellcoding
Write the assembly code (consult the Linux syscall table for the syscall numbers and the registers that carry their arguments).
Assemble: nasm -f elf shellcode.asm
Link: ld -o shellcode shellcode.o
Extract opcodes: objdump -d shellcode
To make the shellcode more portable we don't want to rely on hardcoded addresses, which differ from target to target. Instead we hold a meaningful address in a register and address everything relative to it.
Here is an example of such a technique:
We use `call` to push the address of the following byte onto the stack and jump to our shellcode. That address is then popped into `esi`, and thus we can use `esi` for relative addressing. To get to the `call` we place a `jmp` at the very start of the shellcode.
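The jmp/call/pop pattern described above, as an added example that is not code from the original page: 32-bit NASM that writes a constructed message to stdout and exits, so that the data address only ever comes from `esi`. The label names, the message and the benign write/exit payload are assumptions.

```nasm
BITS 32
global _start
section .text

_start:
    jmp short get_addr      ; 1. jump to the call at the end of the code

shellcode:
    pop esi                 ; 3. esi = address of 'msg' (pushed by call)
    xor eax, eax
    mov al, 4               ; sys_write
    xor ebx, ebx
    mov bl, 1               ; fd = stdout
    mov ecx, esi            ; buf = msg, taken from esi, no hardcoded address
    xor edx, edx
    mov dl, msg_len         ; count (assumed constant, 6 bytes)
    int 0x80
    xor eax, eax
    mov al, 1               ; sys_exit
    xor ebx, ebx            ; status = 0
    int 0x80

get_addr:
    call shellcode          ; 2. push address of 'msg' (next byte) and jump back

msg:     db "hello", 0x0a    ; constructed data, located relative to the call
msg_len  equ $ - msg
```

Build it with the three commands listed above; the short forward `jmp` and the backward `call` both encode as small relative offsets, which is why the opcodes shown by `objdump -d` contain no absolute address.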