This repository was archived by the owner on Nov 11, 2018. It is now read-only.

easy to bypass in linux 64 bit #35

@ghost

Description

Using int 0x80 in an ELF-64 binary, it's easy to bypass. Example:

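test.asm

section .rodata
    x db '/tmp/abcd',0x0

section .text
    global _start

_start:
    mov eax, 5      ; i386 syscall number 5 = open
    mov ebx, x      ; path
    mov ecx, 64     ; flags: O_CREAT
    mov edx, 0o644  ; mode (NASM reads 0644 as decimal, so use the 0o prefix)
    int 0x80        ; enter the kernel through the 32-bit syscall interface

    xor eax, eax
    inc eax         ; i386 syscall number 1 = exit
    int 0x80

$ nasm -f elf64 test.asm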
$ ld -o test test.o
$ rm -f abcd
$ [ -e "abcd" ] && echo file found
$ maybe ./test
maybe has not detected any file system operations from ./test.
$ [ -e "abcd" ] && echo file found
file found
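
Why the same trap can be read two ways, as an added example that is not part of the original report or of the project's code: syscall number 5 is `fstat` in the x86_64 table but `open` in the i386 table that `int 0x80` selects, and the arguments sit in different registers. The names `SyscallStop`, `decode` and `review` are hypothetical, the register snapshot is constructed, and the `force_arch` path is an assumed model of an ABI-blind tracer; a real tracer would take `arch` from the kernel, for example from `PTRACE_GET_SYSCALL_INFO` or the `arch` field of `seccomp_data`.

```python
from dataclasses import dataclass

AUDIT_ARCH_I386 = 0x40000003    # constants from <linux/audit.h>
AUDIT_ARCH_X86_64 = 0xC000003E
O_CREAT = 0o100                 # decimal 64, the flags value in test.asm

# Excerpts of the two x86 syscall tables: one number, two different calls.
SYSCALLS = {
    AUDIT_ARCH_X86_64: {1: "write", 2: "open", 5: "fstat", 60: "exit"},
    AUDIT_ARCH_I386: {1: "exit", 4: "write", 5: "open", 10: "unlink"},
}
# Registers holding the first three arguments under each ABI.
ARG_REGS = {
    AUDIT_ARCH_X86_64: ("rdi", "rsi", "rdx"),
    AUDIT_ARCH_I386: ("rbx", "rcx", "rdx"),
}

@dataclass
class SyscallStop:              # hypothetical snapshot of one syscall-entry stop
    arch: int                   # ABI of this entry as reported by the kernel
    nr: int                     # syscall number (orig_rax)
    regs: dict

def decode(stop, force_arch=None):
    """Return (name, args). force_arch models a tracer that ignores the ABI."""
    arch = stop.arch if force_arch is None else force_arch
    name = SYSCALLS[arch].get(stop.nr, f"unknown_{stop.nr}")
    return name, tuple(stop.regs.get(r, 0) for r in ARG_REGS[arch])

def review(stop, force_arch=None, native=AUDIT_ARCH_X86_64):
    """Flag file creation, and report entries made through a non-native ABI."""
    name, args = decode(stop, force_arch)
    findings = []
    if force_arch is None and stop.arch != native:
        findings.append("non-native syscall ABI")
    if name == "open" and args[1] & O_CREAT:
        findings.append("open with O_CREAT")
    return name, findings

# Constructed sample: the first int 0x80 of test.asm as a 64-bit tracer sees it.
# All register values, including the pointer in rbx, are made up for the example.
STOP = SyscallStop(AUDIT_ARCH_I386, 5,
                   {"rbx": 0x402000, "rcx": 64, "rdx": 0o644, "rdi": 0, "rsi": 0})

if __name__ == "__main__":
    print("ABI-blind:", review(STOP, force_arch=AUDIT_ARCH_X86_64))
    print("ABI-aware:", review(STOP))
```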
