Visit Our UNIX and Linux User Community


Passing arguments to shellcode


 
Thread Tools Search this Thread
Top Forums Programming Passing arguments to shellcode
# 1  
Old 06-08-2011
Passing arguments to shellcode

Is there any way I could pass arguments to shellcode. My goal is to store a program in a image file, and have another program read and run the code with arguments in memory.

Currently I can store a program in a image file, then read it back to the hard-drive run it normally then delete it when it's done running, but I'm worried someone could undelete the program.

---------- Post updated at 08:03 PM ---------- Previous update was at 06:23 PM ----------

Tried the following code, the shellcode prints a string in argc < 2 or prints argv[1] if there is an argument. Code bellow.

Code:
unsigned char shellcode[] = 
"\xeb\x0d\x5e\x31\xc9\xb1\x3f\x80\x36\x02\x46\xe2\xfa\xeb\x05\xe8\xee\xff\xff\xff\x57\x8b\xe7\x81\xee\x12\x81\x7f\x0a\x03\x7c\x1e\x89\x47\x0e\x89\x4a\x06\xba\x06\x02\x02\x02\x8b\xc0\x51\xb9\x03\x02\x02\x02\xcf\x82\x59\x33\xc2\xcb\xc1\x64\x92\x8f\x4f\xfe\xba\x06\x02\x02\x02\x8b\xc0\x51\xb9\x03\x02\x02\x02\xcf\x82\x59\x33\xc2\xcb\xc1";

int main(int argc, char *argv[]) 
{
    int (*func)(int, char**) = shellcode;
    (*func) (argc, argv);
}

when compiled it gets an warning,
Code:
test.c.tst.c:6:29: warning: initialization from incompatible pointer type

and segfaults when resulting program is run.

shellcode is genorated with shellforge using code bellow.
Code:
#include "include/sfsyscall.h"

int main(int argc, char *argv[])
{
    char string[5]="NEA\n";

    if ( argc < 2 )
    {
        write(1,string,sizeof(string));
    }else{
        write(1,argv[1], sizeof(argv[1]));
    }

    return(0);
}


Last edited by pludi; 06-08-2011 at 08:04 AM..
# 2  
Old 06-08-2011
Quote:
Originally Posted by image28
Is there any way I could pass arguments to shellcode.
Well, what is it?
Quote:
My goal is to store a program in a image file, and have another program read and run the code with arguments in memory.
Why are you doing this?
Quote:
Currently I can store a program in a image file, then read it back to the hard-drive run it normally then delete it when it's done running, but I'm worried someone could undelete the program.
Ah, so it's an entire executable file? An executable file is not a function. That won't work. Why are you concerned about people undeleting the executables you're hiding in an image file, and not about them undeleting the image file?
Quote:
Tried the following code, the shellcode prints a string in argc < 2 or prints argv[1] if there is an argument. Code bellow.
How did you write this? I have no idea if you should expect this to work or not even if the segment the data in was executable. You need to create an executable segment with mmap(), copy the data in, and run it from there, but beyond that I can't help you.
# 3  
Old 06-08-2011
Thanks

Reading about mmap now.
As for why I'm doing it, sort of a hobbie, write lots of ciphers and file hiding programs, thought I'd write one that can hide the resulting programs. Create a big maze of ciphered and hidden files and get my friends to try and find and decode them.
# 4  
Old 06-08-2011
Could you answer the rest of my questions? I still can't help you without more information.
# 5  
Old 06-08-2011
Found a solution

Going to use ramdisks to store the programs. Haven't worked with shellcode in ages, and thought it was easier to convert c to shellcode.

Thanks for your help
# 6  
Old 06-09-2011
Code:
#include "include/sfsyscall.h"

int main(int argc, char *argv[])
{
    char string[5]="NEA\n";

    if ( argc < 2 )
    {
        write(1,string,sizeof(string));
    }else{
        write(1,argv[1], sizeof(argv[1]));
    }

    return(0);
}

This doesn't use shellforge at all. It write()'s the raw strings from argv to standard output. That's what had me so puzzled: There's some very important steps missing between this and even the nonfunctional example you posted.

sizeof() doesn't work on strings either since sizeof() is fixed at compile-time while strings can vary at runtime. It only gives you the size of the pointer pointing to the string. strlen() would be what you want.

Previous Thread | Next Thread
Test Your Knowledge in Computers #825
Difficulty: Medium
The term API seems to appear for the first time in the article of Ira W. Cotton, Data structures and techniques for remote computer graphics, published in 1968.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Passing arguments--Error

Hi, i have a file.txt with data Bangalore Chennai Hyd filename of the script is: new.sh result=`cat file.txt | grep $1` if then echo pass else echo fail fi i am executing the file in the cmd line as "sh new.sh Bangalore" o/p is pass if i give "sh new.sh delhi" o/p is... (6 Replies)
Discussion started by: harsha85
6 Replies

2. Shell Programming and Scripting

Reading a string and passing passing arguments to a while loop

I have an for loop that reads the following file cat param.cfg val1:env1:opt1 val2:env2:opt2 val3:env3:opt3 val4:env4:opt4 . . The for loop extracts the each line of the file so that at any one point, the value of i is val1:env1:opt1 etc... I would like to extract each... (19 Replies)
Discussion started by: goddevil
19 Replies

3. Shell Programming and Scripting

Passing arguments to python

How can I pass arguments to a python script??? (3 Replies)
Discussion started by: kristinu
3 Replies

4. Shell Programming and Scripting

Passing arguments to csh

I have noticed this thing using csh when passing arguments Suppose I call a csh script using ../Scripts/plot-model.csh -vmod="npt02-z30.vmod" -R="0/80/0/30" -c="0/4.5" -aspr="1:10" Somehow the " get removed when doing $argv ending up with -vmod=npt02-z30.vmod... (0 Replies)
Discussion started by: kristinu
0 Replies

5. UNIX for Dummies Questions & Answers

Passing arguments

I need to pass arguments to a shell script.My batch is calling some java program. ################# x=$1 y=$2 java -classpath program ################### if first parameter and second parameter is null then java -classpath program if first parameter is not null and second parameter is... (3 Replies)
Discussion started by: mnjx
3 Replies

6. Shell Programming and Scripting

Passing arguments to the subshell

I have a shell script which is invoked by passing an argument. The outer shell script calls another subshell and I want the argument passed down to flow down to the subshell. E.g Invoking a shell ======>> abc_refresh.ksh NM Below is the content of abc_refresh.ksh Value1=$1... (7 Replies)
Discussion started by: Mihirjani
7 Replies

7. Shell Programming and Scripting

passing arguments

Hi I have a script to which I pass multiple arguments, for example lets say the script name is "abc". I run the script like ./abc def /file <directory location> In the above "def" is the first argument and "/file" is the second argument. I expect <directory location> that is passed after... (4 Replies)
Discussion started by: zmfcat1
4 Replies

8. Shell Programming and Scripting

Passing Arguments-Help

Hi, I have a script which adds the user credentials to an ldap server. Im passing the variables as below.. /path/my_script $uname $pwd $environ ${deposit} If i enter some special characters like ';' in $pwd, script returns an error which is set to display if the user enters... (5 Replies)
Discussion started by: Tuxidow
5 Replies

9. UNIX for Dummies Questions & Answers

passing strings as arguments

Is it possible to pass a string as an argument from the command line? I know I can pass a word in but can I put a line of text in with spaces and fullstops or do I just put it in brackets or quotes so the compiler can differinate between the first argument and the second. (1 Reply)
Discussion started by: iago
1 Replies

10. UNIX for Dummies Questions & Answers

passing arguments

I'm trying to pass a filename, or all the files in the current directory to the ls command with a script. Unsuccessful so far, here are a few of my attempts: #!/bin/ksh read fname #if (( $# > 0 )); then $fname | ls -l #fi this produces a long listing of all the files in my current... (4 Replies)
Discussion started by: jpprial
4 Replies

Featured Tech Videos