Executing commands through strings
Author
In C++, how can you execute machine code in hex form inside strings? Is this possible? How might you go about it?
Example:
string = "0x35"
execute(string)
Thanks. Sorry if it is a dumb question. I''m just curious.
Are you trying to write an exploit?
"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering
"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering
Author
quote:Original post by LessBread
Are you trying to write an exploit?
Yes, you hit the nail on the head.
Although a reasonable question, no I'm not. I didn't even think that someone might think that when I posted this. But that's not my intention. I used to do it in QBasic, can't I do it with C++?
Anyone?
[edited by - jim bob on January 30, 2003 6:23:41 PM]
You can write inline assembly... which is much more efficient than writing hex into strings. If you want to write hex into strings to execute, i guess you''d have to do a far jump to the location of the string... but i have never tried it, nore heard of anyone doing it, so you may want to be careful, and let us know what happens 
.
.
What you''d have to do is parse the hex code into binary format, and then make sure you have execute permissions on that chunk of memory.
quote:Original post by jim bob
Although a reasonable question, no I'm not. I didn't even think that someone might think that when I posted this. But that's not my intention. I used to do it in QBasic, can't I do it with C++?
Anyone?
Ok. Well, an exploit is the most common use of that trick that I've seen so I asked.
This link might be useful to you: Pure Run-Time Assembler
EDIT: Here's the sourceforge page for the above
http://softwire.sourceforge.net/
And perhaps these as well:
Automatic Function Exporting for Scripting and Networking
Function Binding
"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering
[edited by - lessbread on February 3, 2003 7:15:29 PM]
quote:Original post by Anonymous Poster
so what is an exploit now?
You''re probably familiar with their brand names - CodeRed, Slammer, etc...
An "exploit" exploits security vulnerabilities. The payload is usually a string of machine code. Google on "buffer overrun" opr check out the security sites, you''re bound to find a few examples.
"It is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of their leaders. That is easy. All you have to tell them is that they are being attacked and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country."
Hermann Goering
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
