-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathtest.c
53 lines (47 loc) · 1.27 KB
/
test.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#include <stdio.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <assert.h>
/* Shellcode testbed
*
* man mmap:
* mmap() creates a new mapping in the virtual address space of the call-
* ing process. The starting address for the new mapping is specified
* in addr. The length argument specifies the length of the mapping.
*
* */
int
main (int argc, char *argv[])
{
void *p;
int fd;
off_t size;
if (argc != 2)
{
printf ("Usage:\n\t%s shellcode.bin\n", argv[0]);
exit (-1);
}
//Open tha file
fd= open (argv[1], O_RDONLY);
assert ( fd != -1);
//Read the size
size = lseek (fd, 0, SEEK_END);
lseek (fd, 0, SEEK_SET);
assert ( size != 0);
//Allocates a virtual memory map RWX
p = mmap (NULL, size, PROT_EXEC | PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
printf ("Memory@%p\n", p);
//Reads content of the "binary" file into mem
assert(size == read (fd, p, size));
//Close the file so the shellcode inherits only 0,1,2
close (fd);
//Call the first instruction in mem
printf ("Passing control to the shellcode...\n");
((void (*)()) p) ();
printf ("The shellcode has returned to main!\n");
exit (-1);
}