| |
 | Posted by Adam D. Ruppe
in reply to Israel |  Permalink Reply |
|
Adam D. Ruppe 
Posted in reply to Israel
| On Saturday, 8 November 2014 at 02:42:34 UTC, Israel wrote:
> This one in particular. http://pastebin.com/dq4Bp9x0. What is
> this...
It is just a function that is already compiled and added as a string literal. It calls the system function exec("/bin/bash"); to spawn a shell over the current process. It is called shellcode because it is code to launch a shell and is done as a string because a practical application is to exploit a buffer overflow vulnerability in a program to gain access to a target computer. (It isn't as easy as feeding a string as input btw, but this would be like the hello, world version of it.)
But I was wondering why the title said "HOLY CRAP THAT IS STUPID"... and at first, I though the author just didn't use cast() properly, but after trying it, I'm inclined to agree.
With the straightforward cast, the compiler spits out:
Error: no size for type void()
Error: no size for type void()
What a terrible error message and it seems kinda silly to me to be an error at all. It doesn't even work if I ask for ptr. This is just casting pointer types, why does the compiler require an intermediate step?
Maybe I'm missing some logic here, but my impression right now is holy crap, this is stupid.
|
