Reverse Engineering Asked by Devharsh Trivedi on July 17, 2021
I am learning libc shellcode attacks and trying to execute /bin/sh from system.
I can execute other commands from system, like whoami and ls -a, but cannot run /bin/sh.
The following works:
    string = b"ls -a"
    # system, _exit, system arg
    b'\xf0\xef\x04\x08', b'\xe3\xd0\x06\x08', string_addr.to_bytes(4, byteorder='little')
But this doesn’t work:
    string = b"/bin/sh"
    # system, _exit, system arg
    b'\xf0\xef\x04\x08', b'\xe3\xd0\x06\x08', string_addr.to_bytes(4, byteorder='little')
What is going wrong here?