Enthernet Code
DIIDevHeads IoT Integration Server
•Created by Marvee Amasi on 9/4/2024 in #middleware-and-os
Issues with 64-bit DLL Injection Shellcode on OpenBSD Ignoring Integer Pushes
@Marvee Amasi The issue with your shellcode on OpenBSD is likely due to security features like W^X, which prevents memory regions from being writable and executable simultaneously, and strict requirements for stack alignment.
To address this, ensure that the memory region containing your shellcode is executable using
mprotect if necessary. Also, make sure the stack is 16-byte aligned before calling LoadLibrary to meet the x86-64 ABI requirements. Verify that NASM correctly encodes the push instructions by checking the output with a disassembler, and ensure you are using the correct assembler and linker flags for 64-bit mode. Debugging with a tool like gdb can also help trace the execution and confirm that the 64-bit values are pushed correctly onto the stack.6 replies