Archived

This topic is now archived and is closed to further replies.

Executing commands through strings

This topic is 5425 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

In C++, how can you execute machine code in hex form inside strings? Is this possible? How might you go about it? Example: string = "0x35" execute(string) Thanks. Sorry if it is a dumb question. I''m just curious.

Share this post


Link to post
Share on other sites
Are you trying to write an exploit?



"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering

Share this post


Link to post
Share on other sites
quote:
Original post by LessBread
Are you trying to write an exploit?


Yes, you hit the nail on the head.


Although a reasonable question, no I'm not. I didn't even think that someone might think that when I posted this. But that's not my intention. I used to do it in QBasic, can't I do it with C++?
Anyone?

[edited by - jim bob on January 30, 2003 6:23:41 PM]

Share this post


Link to post
Share on other sites
You can write inline assembly... which is much more efficient than writing hex into strings. If you want to write hex into strings to execute, i guess you''d have to do a far jump to the location of the string... but i have never tried it, nore heard of anyone doing it, so you may want to be careful, and let us know what happens .

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
look here

http://www.geocities.com/SiliconValley/2151/selfmod.html

only for windows, though

Share this post


Link to post
Share on other sites
quote:
Original post by jim bob
Although a reasonable question, no I'm not. I didn't even think that someone might think that when I posted this. But that's not my intention. I used to do it in QBasic, can't I do it with C++?
Anyone?


Ok. Well, an exploit is the most common use of that trick that I've seen so I asked.

This link might be useful to you: Pure Run-Time Assembler

EDIT: Here's the sourceforge page for the above
http://softwire.sourceforge.net/


And perhaps these as well:
Automatic Function Exporting for Scripting and Networking

Function Binding






"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering


[edited by - lessbread on February 3, 2003 7:15:29 PM]

Share this post


Link to post
Share on other sites
quote:
Original post by Anonymous Poster
so what is an exploit now?


You''re probably familiar with their brand names - CodeRed, Slammer, etc...

An "exploit" exploits security vulnerabilities. The payload is usually a string of machine code. Google on "buffer overrun" opr check out the security sites, you''re bound to find a few examples.



"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering

Share this post


Link to post
Share on other sites