FOREWORD

In our previous paper, Buffer Overflows Demystified, we told you that there would be more papers on these subjects. We kept our promise: here is the second paper in the same series. This paper is about the fundamentals of shellcode design and is entirely specific to Linux 2.2 on IA-32. The basic principles apply to all architectures, whereas the details obviously might not. This paper will not re-explain what you are expected to know already.
To understand what's going on, some knowledge of C and assembly is required. Some essentials of virtual memory and operating systems, for example how a process is laid out in memory, will also be helpful. You MUST know what a setuid binary is, and of course you need to be able to at least use UNIX systems. If you have experience with gdb/cc, that is really good. Keep the "IA-32 Intel® Architecture Software Developer's Manual Volume 1: Basic Architecture" at hand. You can get it from here.
Recent versions of the paper can be found here.