壳牌code:执行的execve 2()调用 [英] Shellcode: perform 2 execve() calls
问题描述
我想写壳code组装。我需要执行的/ usr / bin中/ killall 命令和的/ usr / bin中/ wget的命令。我在Shell code与的execve()系统调用运行完美这两个命令。但现在我想这2相结合,但由于执行第一的execve()调用当程序退出,这是不可能的。 (从的execve的手册页():的execve()上的成功不返回)。
I am trying to write shellcode in assembly. I need to perform a /usr/bin/killall command AND a /usr/bin/wget command. I have both commands running perfectly in shellcode with the execve() syscall. But now I want to combine these 2, but this is not possible because the program exits when the first execve() call is executed. (from the man pages of execve() : execve() does not return on success).
我怎么能执行2 的execve()电话?还是有另一种方法来调用这两个的/ usr / bin中/ killall 和的/ usr / bin中/ wget的从同一外壳code?
How can I perform 2 execve() calls? Or is there another way to call both /usr/bin/killall and /usr/bin/wget from the same shell code?
问候和感谢事先!
推荐答案
当您使用的功能EXEC家庭,你把它叫做程序被替换到当前进程。因此,当第一的execve,调用时,你的整个过程图像中消失,因此第二个电话是从来没有。为了得到这个你身边必须在调用execve的前派生另一个进程。
When you use the exec-family of functions, the program you call it with is substituted into the current process. So when the first execve-call is made, your entire process image disappears, and thus second call is never made. To get around this you must fork another process before calling execve.
这篇关于壳牌code:执行的execve 2()调用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
