From 380f0fe40b1ab20790e75dac779e73667cc5ac72 Mon Sep 17 00:00:00 2001
From: FreeArtMan
Date: Sat, 4 Feb 2023 14:10:26 +0000
Subject: Update all content to new pygmentize

---
 md/writeup/elf_rewrite_function.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
(limited to 'md/writeup/elf_rewrite_function.md')
diff --git a/md/writeup/elf_rewrite_function.md b/md/writeup/elf_rewrite_function.md
index b507213..9cc29c1 100644
--- a/md/writeup/elf_rewrite_function.md
+++ b/md/writeup/elf_rewrite_function.md
@@ -31,7 +31,7 @@ position detection function. If there would be data that will used in replaced function than need detect position of that data. For example we will use
-```
+```asm
 mov eax, sys_call ;we will use SYS_WRITE = 5
 mov ebx, output_id ; output on terminal is STDOUT 1
 mov ecx, pointer_to_msg
@@ -41,14 +41,14 @@ int 80h if this was ordinary situation then define:
-```
+```asm
 msg db "Hello",10
 msg_size = $-msg
 ```
 and our code becomes
-```
+```asm
 mov eax, SYS_WRITE
 mov ebx, STDOUT
 mov ecx, msg
@@ -60,13 +60,13 @@ but how to know position of msg if you dont know position where function will placed?Use function get_it and you will know current instruction position. And it will next instruction after
-```
+```asm
 call get_ip
 ```
 Our code becomes
-```
+```asm
 call get_ip ;calling and detecting eip
 saved_ip: ;position that will be saved
 jmp get_ip_end ;jump over function
@@ -93,7 +93,7 @@ hex 0x90 translates in nop instruction. nop is No OPeration instruction. And function does nothing.Function fun() contains
-```
+```asm
 push ebp
 mov ebp, esp
 start_overwrite_here:
@@ -113,7 +113,7 @@ on function size that way when overwriting can be problems if binary code size is larger then function size.Start function overwriting at position (&fun+3) with memcpy()
-```
+```asm
 push ebp
 mov ebp, esp
 start_overwrite_here:
@@ -129,7 +129,7 @@ ret Wuala function after enabling segment can be overwritten. Here is used previous experienced we have mega trick with function replacement. Compile:
-```
+```sh
 make
 ```
--
cgit v1.2.3