Shellcraft stackargs #2219

Merged: 9 commits, Jul 9, 2023

@Arusekk (Member) commented Jul 9, 2023

A recently made bugfix that closes #2153; @peace-maker are you okay with Pwntools getting these changes?

There was a typo in the generated syscall template causing only the last
stack argument to be generated.

$ shellcraft -f asm mips.linux.sendto 3 0x123456 0x100 0 0xabcdefff 0x10

The 0xabcdefff argument was missing.

There are syscalls with 6 arguments like mmap and sendto which couldn't
be called with all 6 arguments set.

$ shellcraft -f asm mips.linux.mmap2 0 0x1000 'PROT_READ | PROT_WRITE | PROT_EXEC' 'MAP_PRIVATE | MAP_ANONYMOUS' -1 0

The `syscalls` variable is only present in the generate.py, not the
generated template.

The mips.linux.syscall template was only handling 4 syscall arguments
and silently discarded the remaining ones. Push the arguments to the stack
instead.

$ shellcraft -f asm mips.linux.syscall SYS_sendto 3 0x123456 0x100 0 0xabcdefff 0x10

Fixes Gallopsled#2153

@peace-maker (Member) commented

Yes, of course. I didn't have time to test the last one concerning MIPS syscalls with > 4 arguments and forgot about it.

@Arusekk Arusekk merged commit 1399c7a into Gallopsled:dev Jul 9, 2023
9 checks passed
@peace-maker peace-maker deleted the shellcraft_stackargs branch July 10, 2023 02:31
Successfully merging this pull request may close these issues.

shellcraft: mips syscall with 6 arguments ignores arg4 and arg5