Can you provide an strace or truss of the exploited binary... I am almost sure that you will find that one of the arguments to your execve() call are incorrect. In the following line: int execve (const char *filename, char *const argv [], char *const envp[]) you probably have an incorrect "char *const argv []". The strace will help determine that. example: strace -ivf ./vulnbinary <Some nops here><some shellcode here><return addys> -KF Marc Soda wrote: > > I have been playing around with buffer overflows. In a couple of > situations /bin/sh won't run when I successful execute my shellcode. > But if change /bin/sh to /bin/ls for example, it works fine. I am on > an i686 linux box, however I've seen this behavour on freebsd also. > Any thoughts? > > -- > > Marc Soda > ASPRE, Inc. > marcat_private > http://www.aspre.net/
This archive was generated by hypermail 2b30 : Mon Nov 26 2001 - 08:21:39 PST