Shellcode development - spawning a shell with 64-bit NASM assembly [error]

Time: 2018-10-01 09:40:06

Tags: assembly exploit shellcode

I am trying to learn shellcode development and am currently trying to implement the stack method of pushing the "/bin/sh" string onto the stack. Most of the tutorials I have read so far focus on 32b, but I want to implement it for 64b, and with the code below I am currently stuck with the following error:

Segmentation fault

Does anyone know what I am doing wrong?

I compile, link and run it in the following way

section .text

  global _start

_start:

  ; zero out RAX 
  xor rax, rax

  ; push string in reverse order onto the stack
  ; first the nullbyte, then /bin//sh
  push rax         ; nullbyte for string
  push 0x68732f2f 
  push 0x6e69622f

  ; stack pointer contains address of string now
  mov ebx, esp ; first argument to execve
  mov ecx, eax ; second argument to execve
  mov al, 0xb  ; 11 := syscall number of execve
  int 0x80
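The question has no answers, so the following is an added illustration by the editor, not part of the question or of any answer. It models what the three pushes above leave at RSP on x86-64, where every `push` writes a full 8-byte word and a 32-bit immediate is sign-extended before it is stored, so the two immediates land 8 bytes apart with NUL padding between them. The kind/value tuples, the function names and the "single 8-byte word" variant are the editor's own constructions; no syscall is made, only the stack bytes are simulated.

```python
import struct

WORD_BYTES = 8  # every PUSH on x86-64 writes a full 8-byte word


def sign_extend_imm32(value):
    """Model the x86-64 rule for PUSH imm32: the 32-bit immediate is
    sign-extended to 64 bits before it is written to the stack."""
    value &= 0xFFFFFFFF
    if value & 0x80000000:
        value -= 1 << 32
    return value & 0xFFFFFFFFFFFFFFFF


def simulate_pushes(pushes):
    """Return the bytes found at RSP after the given sequence of pushes.

    Each element is ("reg", value) for PUSH r64 or ("imm32", value) for
    PUSH imm32.  The stack grows downward, so the last value pushed sits at
    the lowest address and therefore at the start of the returned bytes.
    """
    stack = b""
    for kind, value in pushes:
        if kind == "imm32":
            value = sign_extend_imm32(value)
        elif kind != "reg":
            raise ValueError("unknown push kind: %r" % (kind,))
        # little-endian 8-byte word, prepended because it is now the top of stack
        stack = struct.pack("<Q", value & 0xFFFFFFFFFFFFFFFF) + stack
    return stack


def c_string_at(stack):
    """What execve would read as the pathname: bytes up to the first NUL."""
    end = stack.find(b"\x00")
    return stack if end < 0 else stack[:end]


# Constructed from the question's code: push rax (zero), then two 32-bit immediates.
QUESTION_PUSHES = [
    ("reg", 0),               # push rax        ; RAX was zeroed
    ("imm32", 0x68732f2f),    # push 0x68732f2f ; "//sh"
    ("imm32", 0x6e69622f),    # push 0x6e69622f ; "/bin"
]

# Hypothetical variant: the same 8 characters loaded as one 64-bit register
# value and pushed once, so "/bin//sh" stays contiguous in memory.
SINGLE_WORD_PUSHES = [
    ("reg", 0),
    ("reg", 0x68732f2f6e69622f),  # "/bin//sh" as a little-endian qword
]


def pathname_seen_by_kernel(pushes):
    """The NUL-terminated pathname execve would receive for this push sequence."""
    return c_string_at(simulate_pushes(pushes))


if __name__ == "__main__":
    for label, seq in (("question", QUESTION_PUSHES),
                       ("single 8-byte word", SINGLE_WORD_PUSHES)):
        raw = simulate_pushes(seq)
        print("%-20s stack bytes: %s" % (label, raw.hex(" ", 8)))
        print("%-20s pathname:    %r" % (label, pathname_seen_by_kernel(seq)))
```

Running it shows the question's sequence leaves `/bin\0\0\0\0//sh\0\0\0\0` at RSP, so the pathname execve would see is `/bin`, a directory. A failed execve returns to the instruction after the syscall, and with nothing after `int 0x80` execution runs off the end of the code, which is one way to arrive at the reported segmentation fault. Separately, `mov ebx, esp` keeps only the low 32 bits of a 64-bit stack address, which the 32-bit `int 0x80` interface cannot use as a valid pointer on a 64-bit process.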

0 answers:

No answers