function.asm
<%
  from pwnlib.shellcraft import i386
%>
<%docstring>
Converts a shellcraft template into a callable function.

Arguments:
    name(str):
        Name of the function.
    template_function(callable):
        Shellcraft template to wrap. It is called with the registers
        as its arguments, so any variable arguments should be
        supplied as registers.
    registers(list):
        List of registers which should be filled from the stack.

::

    >>> shellcode = ''
    >>> shellcode += shellcraft.function('write', shellcraft.i386.linux.write, )

    >>> hello = shellcraft.i386.linux.echo("Hello!", 'eax')
    >>> hello_fn = shellcraft.i386.function(hello, 'eax').strip()
    >>> exit = shellcraft.i386.linux.exit('edi')
    >>> exit_fn = shellcraft.i386.function(exit, 'edi').strip()
    >>> shellcode = '''
    ...     push STDOUT_FILENO
    ...     call hello
    ...     push 33
    ...     call exit
    ... hello:
    ...     %(hello_fn)s
    ... exit:
    ...     %(exit_fn)s
    ... ''' % (locals())
    >>> p = run_assembly(shellcode)
    >>> p.recvall()
    b'Hello!'
    >>> p.wait_for_close()
    >>> p.poll()
    33

Notes:

    Can only be used on a shellcraft template which takes
    all of its arguments as registers. For example, the
    pushstr
</%docstring>
<%page args="name, template_function, *registers"/>
<%
    ifdef = '_%s_' % name
%>
/* ${name}(${', '.join(registers)}) */
#ifndef ${ifdef}
#define ${ifdef}
${name}:
    /* Save stack */
    ${i386.prolog()}

    /* Load arguments */
% for i, reg in enumerate(registers):
    ${i386.stackarg(i, reg)}
% endfor

    ${template_function(*registers)}

    /* Restore stack */
    ${i386.epilog(len(registers))}
#endif /* ${ifdef} */