[framework] Creating Shellcode
Leo Jackson
lajjr at yahoo.com
Fri Feb 8 08:32:07 CST 2008
HD Moore,
In BT2 final it has a GUI for making exploits, an IDE. What happened to it?
--- H D Moore <hdm at metasploit.com> wrote:
> The objdump output does not equal shellcode, especially if you make *any*
> library calls. On Linux and BSD, you can avoid library calls by going
> directly to inlined syscalls in your C code, however, on Windows, you
> really need to access functions inside kernel32 to make any progress.
> Unless you write your C code very carefully (and essentially mimic what
> most Windows shellcode does with regards to finding the base of
> kernel32), it just won't work.
>
> There are a few options available for doing this properly:
>
> InlineEgg - http://oss.coresecurity.com/projects/inlineegg.html
> MOSDEF - http://immunitysec.com/resources-freesoftware.shtml
> METASM - http://metasm.cr0.org/ (C compiler is new, not sure if does
> Windows yet)
>
> -HD
>
> On Thursday 07 February 2008, macubergeek at comcast.net wrote:
> > I just ran objdump -Dslx against nc.exe on a Linux box. It seems to
> > work ok. Can you see any reason why objdump wouldn't work properly
> > against windows executables as well as Linux binaries?
Leo Albert Jackson Jr
Owner Head Programmer
LJ's Electronics and Software
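The "inlined syscalls" point HD makes for Linux/BSD, as an added example that is not code from this thread or from Metasploit: write and getpid enter the kernel directly with no libc call in the path on x86-64 and AArch64 Linux, so the compiled bytes carry no PLT or dynamic-linker dependency; the wrapper names are my own, and the fallback for other targets is explicitly a libc call.

```c
/* Added example: raw Linux syscalls from C with no libc call in the path,
 * the "inlined syscalls" approach HD Moore mentions for Linux/BSD. A normal
 * write() goes through the PLT and dynamic linker, so its objdump bytes only
 * work in the process that linked it. Wrapper names are my own. */
#include <unistd.h>
#include <sys/syscall.h>

/* Linux syscall numbers differ per architecture. */
#if defined(__x86_64__)
#define NR_WRITE  1
#define NR_GETPID 39
#elif defined(__aarch64__)
#define NR_WRITE  64
#define NR_GETPID 172
#else
#define NR_WRITE  SYS_write
#define NR_GETPID SYS_getpid
#endif

/* Enter the kernel directly with up to three arguments. */
static long raw_syscall3(long nr, long a, long b, long c) {
#if defined(__x86_64__)
    long ret;  /* rax = number, rdi/rsi/rdx = args; rcx, r11 clobbered */
    __asm__ volatile ("syscall" : "=a"(ret)
                      : "a"(nr), "D"(a), "S"(b), "d"(c)
                      : "rcx", "r11", "memory");
    return ret;
#elif defined(__aarch64__)
    register long x8 __asm__("x8") = nr;  /* x8 = number, x0..x2 = args */
    register long x0 __asm__("x0") = a;
    register long x1 __asm__("x1") = b;
    register long x2 __asm__("x2") = c;
    __asm__ volatile ("svc #0" : "+r"(x0) : "r"(x8), "r"(x1), "r"(x2) : "memory");
    return x0;
#else
    /* Other targets: this IS a libc call, the dependency the thread warns about. */
    return syscall(nr, a, b, c);
#endif
}

long raw_write(int fd, const char *buf, long len) {
    return raw_syscall3(NR_WRITE, fd, (long)buf, len);
}

long raw_getpid(void) { return raw_syscall3(NR_GETPID, 0, 0, 0); }

int main(void) {
    raw_write(1, "hello from a raw syscall\n", 25);
    return raw_getpid() > 0 ? 0 : 1;
}
```

Disassembling this with objdump shows the kernel entry instruction inline, where a libc-linked write() would instead show a call through the PLT that only resolves inside the linking process.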