Can anyone help in solving what this shellcode does?
\x31\xC0\x50\x68\x70\x79\x71\x78\x68\x72\x77\x27\x71\x68\x77\x79\x74\x74\x68\x25\x72\x25\x24\x68\x24\x24\x20\x24\x68\x75\x78\x76\x78\x68\x73\x79\x75\x79\x68\x23\x76\x74\x71\x68\x25\x71\x70\x73\x68\x70\x75\x74\x75\x68\x75\x24\x78\x73\x68\x25\x77\
Try harder.
FYI to the list - This is for the CTP challenge by offensive security
apparently. It does nothing really useful.
On Wed, Feb 1, 2012 at 2:57 PM, Joshua Thomas wrote:
> Can anyone help in solving what this shellcode does?
>
>
> \x31\xC0\x50\x68\x70\x79\x71\x78\x68\x72\x77\x27\x71\x68\
In the second part of the FC4.me challenge, it says you need XXX amount of
bytes for a reg key.
The shellcode below, is of course, assembly instructions. Have you tried
running the entire code? There's a CC / break in the end in case you load
the code into another program, so you won't execute the
Hello Joshua,
your shellcode is basically decrypting some string using 8-bit XOR with
the key 0x41.
You can use ndisasm for analysing it. The code is easy to understand if
you know assembler.
Regards,
bashrc
$ ndisasm -b 32 SC
31C0 xor eax,eax
0002 50
