Shellcode in C [Archive] - RCE Messageboard's Regroupment

dontKnowYet

March 19th, 2009, 00:47

Hi,
I'd like to generate a position independent flat binary file using c, not asm. I got some basic dummy code working but when adding more than one function gcc (which I could replace with something else btw.) needs a _GLOBAL_OFFSET_TABLE_. Is there a way to avoid this?

I only found examples that were not position independent but linked to a fixed address online like bootsectors/booloaders in c.

Any ideas?

Thanks for your help!

dELTA

March 19th, 2009, 10:42

Make all functions inline? Will make the code very large if there are many function calls though...

tHE mUTABLE

March 20th, 2009, 16:19

Try to compile with either one of these two options -fPIC, -fpic, after all it depends on the architecture; generally, the processors do not supports Program Counter -relative loads and stores, and that's why the compiler uses GOT technique.

dontKnowYet

March 22nd, 2009, 06:06

Thanks. I finally got some working code. The following article helped me a lot: http://kos.enix.org/pub/plainbin.pdf.gz I wasn't using objcopy, but now it works.

Code:



asm("jmp _start"; // needed if when more than one function is there

// because i don't know how to specify function order



void _start(){

  while(1){

  }

}

The binary is build using

Code:



gcc -c -Wall -fpic -Os Shellcode.c -o Shellcode.o

ld -N -Ttext 0x0 -e _start -Map Shellcode.map Shellcode.o -o Shellcode

objcopy -R .note -R .comment -S -O binary Shellcode Shellcode.bin