Re: OS X Shell Code

From: Josha Bronson (dmuzat_private)
Date: Thu Jan 10 2002 - 14:37:06 PST

    On Thu, Jan 10, 2002 at 04:38:54PM -0500, fintler said:
    > Here's a sample of ppc shellcode (should work fine on mac os x) on ppc you
    > have to worry about the link register having the return address, along with
    > the copy on the stack, so it's not like you can just overwrite it like in
    > x86. Makes it harder to overflow those off by ones I guess...this was
    > written by someone named "Chris Shepard" I think:
    
    Which leads to my next question: I am messing around with an app in OS X
    that has an overflow condition, and this is my first time working with
    non-x86-based debugging, etc., and I am a bit lost (where's the eip? ;).
    Any good links/references for PPC specific ASM and/or overflow
    techniques or tutorials?
    
    > 
    > char shellcode[] =
    
    Thanks, this is very helpful...
    -- 
    Josha Bronson
    dmuzat_private
    AngryPacket Security
    



    This archive was generated by hypermail 2b30 : Thu Jan 10 2002 - 15:06:09 PST