Skip to Main Content
Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
book

Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals

by James C Foster
April 2005
Intermediate to advanced content levelIntermediate to advanced
700 pages
20h 39m
English
Syngress
Content preview from Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
read(4, 0xbffff9d0,254);
write(1, 0xbffff9d0,254);
Example 9.19 shows the assembly implementation of the functions:
Example 9.19 Assembly Implementation
1 BITS 32
2
3
xor ebx,ebx
4 mul ebx
5 cdq
6
7
mov al,0x3
8 mov bl,0x4
9 mov ecx,0xbffff9d0
10 mov dl,254
11 int 0x80
12
13
mov al,0x4
14 mov bl,0x1
15 int 0x80
Analysis
Because both the read and write system calls require three arguments, we first make sure
that EBX, EAX, and EDX are clean.There is no need to clear the ECX register because
we’re using that register to store a four-byte value that is the pointer to the “small” array.
After cleaning the registers, we put the read system call identifier in the AL register ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

32/64-Bit 80x86 Assembly Language Architecture

32/64-Bit 80x86 Assembly Language Architecture

James Leiterman

Publisher Resources

ISBN: 9781597490054