<<ANGRY MOD EDIT>>
I am aware that my shellcode will not work, however that isn't my problem (at the current moment.)
Why isn't system even running file.exe? I have spent ages on this, and yes the file is in the right place.
<<ANGRY MOD EDIT>>
I am aware that my shellcode will not work, however that isn't my problem (at the current moment.)
Why isn't system even running file.exe? I have spent ages on this, and yes the file is in the right place.
What is that crap?
If you are attempting to do assembly with all those hex values, there is a better way. Just inline it. This is not BASIC where you have to put the assembly opcodes into a text string and then do a CALL ABSOLUTE to it or use VARPTR.
You might want to research shellcode (maybe on wikipedia)
Because that's how it's done. As I said, I wasn't asking for help with that. I just need my file executed.
Since you're on Windows, try this instead:
SHELLEXECUTEINFO info = { 0 };
info.cbSize = sizeof(info);
info.lpVerb = "open";
info.lpFile = "c:\\file.exe";
info.lpParameters = hellcode;
info.nShow = SW_SHOW;
ShellExecuteEx(&info);
Also, you can optimize your shellcode development by using naked functions and inline assembly, the only catch is that it changes the harness a little bit so at the end of the ASM you need to put something that generates a null, then you can just strlen your exploit like so (MSVC++):
Of course, the only catch is that it may be tough/tiring to concatenate things like raw bytes to it, but you can just end the __asm block and start a new one if that kind of need arises. This is kind of a tangent but I figure it's something worth mentioning since we're on the subject.Code:__declspec(naked) void hellcode(void) { __asm { //all your asm are belong to here _emit 00 } } //... send(s,hellcode,strlen(hellcode),0);
operating systems: mac os 10.6, debian 5.0, windows 7
editor: back to emacs because it's more awesomer!!
version control: git
website: http://0xff.ath.cx/~as/
I highly doubt it.Because that's how it's done.
From the looks of it, file.exe will take the parameters and emit them as is into the code stream and/or stick them somewhere in memory and perform a jump to that address.
Either way I don't like the code or it's intent.
Read the forum rules!!!
We don't tolerate that kind of crap here.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
