execve

How does execve call dynamic linker/loader (ld-linux.so.2)

只愿长相守 submitted on 2019-11-28 00:12:22

I used gcc to compile and link the most basic C program, test.c:

    int main() { }

As expected, the output is a dynamically linked executable:

    $ file test
    test: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, BuildID[sha1]=0x0f806c099f74132a158d98aebde4639ae0998971, not stripped

Running strace gives the following output:

    $ strace -f ./test
    execve("./test", ["./test"], [/* 31 vars */]) = 0
    brk(0) = 0x248d000
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE

How does execve call dynamic linker/loader (ld-linux.so.2)

一个人想着一个人 submitted on 2019-11-26 21:39:30

Question: I used gcc to compile and link the most basic C program, test.c:

    int main() { }

As expected, the output is a dynamically linked executable:

    $ file test
    test: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, BuildID[sha1]=0x0f806c099f74132a158d98aebde4639ae0998971, not stripped

Running strace gives the following output:

    $ strace -f ./test
    execve("./test", ["./test"], [/* 31 vars */]) = 0
    brk(0) = 0x248d000
    access("/etc/ld.so

execve shellcode writing segmentation fault

风格不统一 submitted on 2019-11-26 17:58:25

I am trying to study execve shellcode.

OS: Linux bt 2.6.39.4

    root@bt:~/exploit# cat gshell.s
    .globl _start
    _start:
        nop
        jmp MyString
    shell:
        popl %esi
        xorl %eax,%eax
        movl %al,9(%esi)
        movl %esi,10(%esi)
        movl %eax,14(%esi)
        movb $11,%al
        movl %esi, %ebx
        leal 0xa(%esi),%ecx
        leal 0xe(%esi),%edx
        int $0x80
        movl $1,%eax
        movl $0,%ebx
        int $0x80
    MyString:
        call shell
    shellvar:
        .ascii "/bin/bashADDDDCCCC"
    root@bt:~/exploit# as -gstabs -o gshell.o gshell.s
    root@bt:~/exploit# ld -o gshell gshell.o
    root@bt:~/exploit# ./gshell
    Segmentation fault (core dumped)
    root@bt:~/exploit#

GDB:

    (gdb) break *_start