TransWikia.com

system doesn't invoke /bin/sh

Reverse Engineering Asked by Devharsh Trivedi on July 17, 2021

I am learning libc shellcode attacks and trying to execute /bin/sh from system

I can execute other commands from system like whoami and ls -a but can not run /bin/sh

the following works

string = b"ls -a"
# system, _exit, system arg 
b'xf0xefx04x08', b'xe3xd0x06x08', string_addr.to_bytes(4, byteorder='little')

but this doesn’t work

string = b"/bin/sh"
# system, _exit, system arg 
b'xf0xefx04x08', b'xe3xd0x06x08', string_addr.to_bytes(4, byteorder='little')

what is going wrong here?

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP