Write a shellcode that calls a function, power(). power() is at 0x8032fc8. The base is at ebx and power will be at ecx.

I do not understand how to call the power function at 0x8032fc8.

So far I have:

```
push ecx
push ebx
call func_power
```

Thanks.

Centadmin
  • If you want to pass args in registers, you don't need push. Just `mov ebx, 12` / `mov ecx, 34` or whatever to use that custom calling convention you described. "passed to a mem location" isn't standard terminology so it's not clear what you mean. Is that the address of the machine code for the `power` function? Or is that where you want to store the args, where `func_power` will look for them? – Peter Cordes Aug 14 '21 at 21:19
  • Thanks Peter. OK, I will try and explain this... The question is: "Write a shellcode that calls a function, power(). power() is at 0x8032fc8. The base is at ebx and power will be at ecx." This is all the info I am given. – Centadmin Aug 14 '21 at 21:21
  • Preferably [edit] your question with the explanation, and leave a comment to let me know once your edit is done. – Peter Cordes Aug 14 '21 at 21:22
  • Sorry Peter, I am new here. So unsure about editing etc. I had spaces and returns, but my reply seems to have put everything into a paragraph! :( – Centadmin Aug 14 '21 at 21:24
  • That's one reason why you [edit] your post, instead of just leaving comments; lack of code formatting. The other major one is that you want future readers to see a clear post in the first place, and not have to wade through comments. – Peter Cordes Aug 14 '21 at 21:34
  • Understood, thank you for helping me. – Centadmin Aug 14 '21 at 21:36
  • Oh, this is supposed to be shellcode? Anyway, the phrasing you quoted is clear that `0x8032fc8` is the code address you're supposed to call (and that's something that makes sense for shellcode), so mov that into a register and `call eax`. The calling convention for passing args is still unclear, whether `power` looks in those registers for args, or whether that's where the values currently are and you're supposed to push them for a stack-args calling convention. Or mov them to ecx, edx for fastcall? Or what. – Peter Cordes Aug 14 '21 at 21:37
  • Yes, sorry, I am doing the Intro assembler subject and it's pretty hard so far. OK, so it says write shellcode. – Centadmin Aug 14 '21 at 22:54
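
Added example, not part of the original question or comments: a small C encoder that emits the machine code for the `mov eax, 0x8032fc8` / `call eax` approach suggested in the comments and contrasts it with a direct `call rel32`, whose bytes change with the load address. It assumes a cdecl-style `power(base, exponent)` that takes stack arguments (the thread leaves the calling convention open); the function names and load addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define POWER_ADDR 0x08032fc8u  /* address of power() given in the question */

/* Store a 32-bit value little-endian, as x86 immediates are encoded. */
static size_t put32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
    return 4;
}

/* push ecx / push ebx / mov eax, target / call eax / add esp, 8
 * Assumption: cdecl-style power(base, exponent) with stack args. */
size_t emit_call_via_eax(uint8_t *buf, uint32_t target) {
    size_t n = 0;
    buf[n++] = 0x51;                    /* push ecx  (2nd arg, pushed first) */
    buf[n++] = 0x53;                    /* push ebx  (1st arg)               */
    buf[n++] = 0xB8;                    /* mov eax, imm32                    */
    n += put32(buf + n, target);
    buf[n++] = 0xFF; buf[n++] = 0xD0;   /* call eax  (absolute, indirect)    */
    buf[n++] = 0x83; buf[n++] = 0xC4; buf[n++] = 0x08; /* add esp, 8         */
    return n;
}

/* call rel32: the displacement is measured from the end of the 5-byte
 * instruction, so the bytes depend on where the code is loaded. */
size_t emit_call_rel32(uint8_t *buf, uint32_t target, uint32_t insn_addr) {
    buf[0] = 0xE8;
    return 1 + put32(buf + 1, target - (insn_addr + 5));
}

/* Returns 1 if the encoding is identical at both load addresses. */
int same_bytes_at(uint32_t addr_a, uint32_t addr_b, int use_rel32) {
    uint8_t a[16], b[16];
    size_t na = use_rel32 ? emit_call_rel32(a, POWER_ADDR, addr_a)
                          : emit_call_via_eax(a, POWER_ADDR);
    size_t nb = use_rel32 ? emit_call_rel32(b, POWER_ADDR, addr_b)
                          : emit_call_via_eax(b, POWER_ADDR);
    return na == nb && memcmp(a, b, na) == 0;
}

int main(void) {
    uint8_t buf[16];
    size_t n = emit_call_via_eax(buf, POWER_ADDR);
    for (size_t i = 0; i < n; i++) printf("%02x ", buf[i]);
    printf("\nrel32 stable across load addresses: %d\n",
           same_bytes_at(0xbffff000u, 0xbffff100u, 1));
    return 0;
}
```

The register-indirect form encodes the same way wherever it is placed, which is why the comments point to it for code whose load address is not known at assembly time.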

0 Answers