Gray Hat Hacking: The Ethical Hacker's Handbook
Chapter 10: Writing Linux Shellcode

For example, 127.0.0.1 would be written 0x0100007F. A value of 0 in the sin_addr field
simply means all local addresses. The sin_zero field pads the size of the structure by
adding 8 NULL bytes. This may all sound intimidating, but in practice, we only need to
know that the structure is a chunk of memory used to store the address family type, port,
and IP address. Soon we will simply use the stack to build this chunk of memory.
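The layout described above, as an added example that is not from the book: it fills a sockaddr_in with the values used in this section (family 2, port 0xBBBB) and dumps the 16 bytes as they sit in memory. The helper names build_addr, addr_as_host_word, raw_byte and host_is_little_endian are made up for this illustration, and a Linux host is assumed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fill a sockaddr_in as the text describes: family, port, IP, zero padding. */
static void build_addr(struct sockaddr_in *sa, const char *ip, uint16_t port)
{
    memset(sa, 0, sizeof *sa);               /* also clears the 8 sin_zero bytes */
    sa->sin_family = AF_INET;                /* 2 on Linux */
    sa->sin_port = htons(port);              /* stored in network byte order */
    inet_pton(AF_INET, ip, &sa->sin_addr);   /* 4 octets, network byte order */
}

/* The 32-bit s_addr field as the host CPU reads it back. */
static uint32_t addr_as_host_word(const char *ip)
{
    struct sockaddr_in sa;
    build_addr(&sa, ip, 0);
    return sa.sin_addr.s_addr;
}

/* One byte of the structure exactly as it is laid out in memory. */
static unsigned raw_byte(const struct sockaddr_in *sa, size_t off)
{
    return ((const unsigned char *)sa)[off];
}

static int host_is_little_endian(void)
{
    uint16_t probe = 1;
    return *(unsigned char *)&probe == 1;
}

int main(void)
{
    struct sockaddr_in sa;
    build_addr(&sa, "127.0.0.1", 0xBBBB);    /* port 48059, as in the text */
    printf("sizeof = 0x%zx, little-endian host = %d\n",
           sizeof sa, host_is_little_endian());
    for (size_t i = 0; i < sizeof sa; i++)   /* family | port | addr | sin_zero */
        printf("%02x%c", raw_byte(&sa, i), i + 1 == sizeof sa ? '\n' : ' ');
    printf("127.0.0.1 s_addr = 0x%08X\n", (unsigned)addr_as_host_word("127.0.0.1"));
    printf("0.0.0.0   s_addr = 0x%08X\n", (unsigned)addr_as_host_word("0.0.0.0"));
    return 0;
}
```

Because both bytes of 0xBBBB are identical, the port reads the same in either byte order; a port such as 0x1F90 would not.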
Sockets
Sockets are defined as the binding of a port and an IP to a process. In our case, we will
most often be interested in binding a command shell process to a particular port and IP
on a system.
The basic steps to establish a socket are as follows (including C function calls):
1. Build a basic IP socket:
    server = socket(2, 1, 0);
2. Build a sockaddr_in structure with IP and port:
    struct sockaddr_in serv_addr;     // structure to hold IP/port values
    serv_addr.sin_addr.s_addr = 0;    // set address of socket to all local addresses
    serv_addr.sin_port = 0xBBBB;      // set port of socket, in this case to 48059
    serv_addr.sin_family = 2;         // set native protocol family: IP
3. Bind the port and IP to the socket:
    bind(server, (struct sockaddr *)&serv_addr, 0x10);
4.