Question
I try to build a function in a buffer in C. With gdb I can translate

    push rbp
    mov rbp,rsp
    (...)
    leave
    ret

to

    0x55
    0x48 0x89 0xe5
    (...)
    0xc9
    0xc3

So I wrote a C code:
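
    int main()
    {
        /* push rbp; mov rbp,rsp; leave; ret */
        char buffer[]={0x55,0x48,0x89,0xe5,0xc9,0xc3};
        /* buffer is a local array, so these bytes sit on the stack */
        void (*j)(void)=(void (*)(void))buffer;
        j();
    }
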
But my program seems to crash at the instruction "push rbp" (0x55 in the buffer). Do you know why?
Answer 1:
The usual cause is that the stack (where your buffer is stored) is not executable. There are primarily two ways around that:
- compile/link such that the stack is marked executable (i.e. gcc -z execstack)
- use mprotect at runtime to mark the page where your code is executable
Source: https://stackoverflow.com/questions/23398915/asm-shellcode-in-c-buffer-prologue