Re: OS X Shell Code

From: Josha Bronson (dmuz@slartibartfast.angrypacket.com)
Date: 01/10/02


Date: Thu, 10 Jan 2002 14:37:06 -0800
From: Josha Bronson <dmuz@slartibartfast.angrypacket.com>
To: fintler <fintler@msec.net>

On Thu, Jan 10, 2002 at 04:38:54PM -0500, fintler said:
> Here's a sample of PPC shellcode (should work fine on Mac OS X). On PPC you
> have to worry about the link register having the return address, along with
> the copy on the stack, so it's not like you can just overwrite it like in
> x86. Makes it harder to overflow those off-by-ones I guess... this was
> written by someone named "Chris Shepard" I think:

Which leads to my next question: I am messing around with an app in OS X
that has an overflow condition, and this is my first time working with
non-x86-based debugging, etc., and I am a bit lost (where's the eip? ;).
Any good links/references for PPC-specific ASM and/or overflow
techniques or tutorials?

>
> char shellcode[] =

Thanks, this is very helpful...

-- 
Josha Bronson
dmuz@angrypacket.com
AngryPacket Security