Nmap Development: RE: Finding real host in Nmap -D Scans


From: Alexander Bartolich <alexander.bartolich_at_gmx.at>
Date: Tue, 4 Mar 2003 09:27:38 +0100 (MET)

John W. Lampe wrote:
> [...]
> Do you know the base address of the Global Offset Table (GOT) on a
> Solaris 8 box?
> CORE IMPACT does.

Sure. What's the problem?
Get an account on cf.sourceforge.net.
Log in to box M. or N., then type:

$ greadelf -S /bin/sh | sed -ne '4p' -e '/\.got/p'
  [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
  [16] .got PROGBITS 00036000 016000 000004 04 WA 0 0 8192

The base address of the code segment is 0x10000, the other line is the data
segment.

$ greadelf -l /bin/sh | sed -ne '7p' -e '/LOAD/p'
  Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
  LOAD 0x000000 0x00010000 0x00000000 0x15a57 0x15a57 R E 0x10000
  LOAD 0x016000 0x00036000 0x00000000 0x00f66 0x03aec RWE 0x10000

Received on Mar 04 2003
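
The `.got` line that `greadelf -S` prints in the message above comes straight from the ELF section header table. As an added example (not part of the original post), the Python below reads that table from a constructed, header-only ELF32 big-endian image whose `.got` fields are copied from the quoted output; it also accepts ELF64 and little-endian files, which goes beyond the Solaris case in the message. The names `sections`, `find_section` and `build_sample` are made up for this illustration.

```python
import struct

# struct layouts (ELF header, section header), keyed by EI_CLASS
LAYOUTS = {1: ("16sHHIIIIIHHHHHH", "10I"),         # ELFCLASS32
           2: ("16sHHIQQQIHHHHHH", "IIQQQQIIQQ")}  # ELFCLASS64

def sections(image):
    """Return [(name, sh_addr, sh_offset, sh_size)] from the section header table."""
    if image[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    try:
        ehdr_fmt, shdr_fmt = LAYOUTS[image[4]]
        order = {1: "<", 2: ">"}[image[5]]  # EI_DATA: 1 = LSB, 2 = MSB
        ehdr = struct.unpack_from(order + ehdr_fmt, image)
        shoff, shentsize, shnum, shstrndx = ehdr[6], ehdr[11], ehdr[12], ehdr[13]
        if shnum == 0:  # section headers are optional and may be stripped
            return []
        hdrs = [struct.unpack_from(order + shdr_fmt, image, shoff + i * shentsize)
                for i in range(shnum)]
        names = hdrs[shstrndx][4]  # file offset of the section name string table
        out = []
        for h in hdrs:
            start = names + h[0]  # sh_name is an index into that table
            name = image[start:image.index(b"\0", start)].decode("ascii", "replace")
            out.append((name, h[3], h[4], h[5]))
        return out
    except (KeyError, IndexError, struct.error, ValueError) as exc:
        raise ValueError(f"malformed ELF headers: {exc!r}")

def find_section(image, wanted=".got"):
    """Return (address, file offset, size) of the named section, or None."""
    for name, addr, off, size in sections(image):
        if name == wanted:
            return addr, off, size
    return None

def build_sample():
    """Constructed header-only ELF32 MSB image; .got fields copied from the post."""
    strtab = b"\0.got\0.shstrtab\0"
    ident = b"\x7fELF\x01\x02\x01".ljust(16, b"\0")
    ehdr = struct.pack(">16sHHIIIIIHHHHHH", ident, 2, 2, 1, 0x10000, 0,
                       52 + len(strtab), 0, 52, 32, 0, 40, 3, 2)
    null = struct.pack(">10I", *[0] * 10)
    got = struct.pack(">10I", 1, 1, 3, 0x36000, 0x16000, 4, 0, 0, 8192, 4)
    shstr = struct.pack(">10I", 6, 3, 0, 0, 52, len(strtab), 0, 0, 1, 0)
    return ehdr + strtab + null + got + shstr

if __name__ == "__main__":
    addr, off, size = find_section(build_sample())
    print(f".got addr={addr:08x} off={off:06x} size={size:06x}")
```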