Metasploit mailing list archives

Re: Mac 64-bit Shellcode
From: Ty Miller <tyronmiller () gmail com>
Date: Thu, 2 Jun 2011 17:21:32 +1000

Thanks Pete. Good references. I'll definitely take a look into these.

On Wed, Jun 1, 2011 at 7:52 PM, Pete Smith <seclists () decapitate us> wrote:


If you still want to use objdump then you'll need to install a
cross-compiled version of objdump which will run on your x86 but understands
macho64. Previously I've installed the ELDK (
http://www.denx.de/wiki/DULG/ELDK) which is a full suite to cross compile
applications which may actually be overkill for what you want.

Perhaps take a look at radare (http://radare.nopcode.org/y/) which is a
cross-platform reverse engineering and disassembly tool.


On 1 June 2011 18:08, Ty Miller <tyronmiller () gmail com> wrote:

Hey all,

Thanks for the responses.

Does metasm support macho64?

Otherwise I think I'll play with nasm/xxd a bit more, then probably stick
to developing macho64 payloads directly on mac.


On Wed, Jun 1, 2011 at 10:40 AM, HD Moore <hdm () metasploit com> wrote:

On 5/31/2011 5:11 PM, Ty Miller wrote:
Hey guys,

I am currently putting together some Mac 64-bit shellcode but am having
troubles extracting the shellcode on Linux. I can do it fine on Mac
using nasm and otool, which produces the expected small shellcode, but
want to specifically do it from Linux as a central development

I'm developing on BT5. I can compile it as macho64 using nasm. objdump
doesn't recognise the macho64 format. I also used xxd and can see the
small amount of shellcode in amongst heaps of other junk, but I can't
an easy way to automatically strip the shellcode from the xxd output.

You might try building a generic macho binary that reads a file and
executes in RWX memory, then just use nasm -f bin to build raw shellcode
blobs and send those to your target darwin box, along with your load
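
The extraction step discussed in this thread (getting only the code bytes out of a macho64 object on a Linux host where objdump does not recognise the format), as an added example that is not part of the original messages: a small Python parser that walks the Mach-O 64 load commands and returns the `(__TEXT,__text)` section. The function names and the `build_sample` object (three constructed bytes, `nop; nop; ret`) are assumptions made for the illustration, not nasm output.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF                      # little-endian 64-bit Mach-O magic
LC_SEGMENT_64 = 0x19
HEADER = struct.Struct("<IiiIIIII")           # mach_header_64, 32 bytes
SEGMENT = struct.Struct("<II16sQQQQiiII")     # segment_command_64, 72 bytes
SECTION = struct.Struct("<16s16sQQIIIIIIII")  # section_64, 80 bytes

def extract_text_section(data: bytes) -> bytes:
    """Return the raw bytes of the (__TEXT,__text) section of a Mach-O 64 file."""
    if len(data) < HEADER.size:
        raise ValueError("too short for a Mach-O 64 header")
    fields = HEADER.unpack_from(data, 0)
    if fields[0] != MH_MAGIC_64:
        raise ValueError("not a little-endian 64-bit Mach-O file")
    off = HEADER.size
    for _ in range(fields[4]):                # fields[4] is ncmds
        if off + 8 > len(data):
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        need = SEGMENT.size if cmd == LC_SEGMENT_64 else 8
        if cmdsize < need or off + cmdsize > len(data):
            raise ValueError("malformed load command size")
        if cmd == LC_SEGMENT_64:
            nsects = SEGMENT.unpack_from(data, off)[9]
            if SEGMENT.size + nsects * SECTION.size > cmdsize:
                raise ValueError("section table exceeds load command")
            for i in range(nsects):
                sect = SECTION.unpack_from(data, off + SEGMENT.size + i * SECTION.size)
                name, seg = sect[0].rstrip(b"\0"), sect[1].rstrip(b"\0")
                if (seg, name) == (b"__TEXT", b"__text"):
                    size, foff = sect[3], sect[4]
                    if foff + size > len(data):
                        raise ValueError("section data runs past end of file")
                    return data[foff:foff + size]
        off += cmdsize
    raise ValueError("no (__TEXT,__text) section found")

def build_sample(code: bytes) -> bytes:
    """Constructed minimal MH_OBJECT (one unnamed segment, one section) for the demo."""
    cmdsize = SEGMENT.size + SECTION.size
    foff = HEADER.size + cmdsize              # section data follows the load commands
    hdr = HEADER.pack(MH_MAGIC_64, 0x01000007, 3, 1, 1, cmdsize, 0, 0)
    seg = SEGMENT.pack(LC_SEGMENT_64, cmdsize, b"", 0, len(code), foff, len(code), 7, 7, 1, 0)
    sec = SECTION.pack(b"__text", b"__TEXT", 0, len(code), foff, 0, 0, 0, 0x80000400, 0, 0, 0)
    return hdr + seg + sec + code

if __name__ == "__main__":
    print(extract_text_section(build_sample(b"\x90\x90\xc3")).hex())
```

In an object file (`MH_OBJECT`) the single segment is unnamed and the section records carry the `__TEXT` segment name, which is why the match is made on the section's own `segname` field.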



