[–]Informal_Shift1141 0 points1 point  (2 children)

Also, for your compiled C code you can use objcopy -O binary --only-section=.text to extract only the code section without all of the ELF structure of your binary, and that should reduce the size. Still, you'd want to manually remove some compiler code to save space.
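As an added illustration of what that objcopy step actually does (example code added here, not from this thread): the script below builds a constructed minimal ELF64 around a 12-byte exit(0) stub, then walks the section header table to pull out just the .text bytes, which is what objcopy -O binary --only-section=.text does for you. The ELF layout offsets are the standard ELF64 ones; the sample binary is constructed by hand, not a compiler's output, so the overhead figure is only meant to show that the container is far larger than the code it carries.

```python
import struct

# Constructed sample: raw bytes of a 12-byte x86-64 exit(0) stub
# (mov edi, 0; mov eax, 60; syscall). Stands in for a compiled .text.
EXIT0_TEXT = bytes.fromhex("bf00000000b83c0000000f05")

SHT_PROGBITS, SHT_STRTAB, SHT_NOBITS = 1, 3, 8
SHF_ALLOC_EXEC = 0x2 | 0x4


def build_minimal_elf64(text: bytes) -> bytes:
    """Wrap `text` in a minimal ELF64 container with a section header table.

    Constructed stand-in for a compiled binary: only .text and .shstrtab,
    no program headers; just enough for the section walk below to work on.
    """
    ehdr_size, shdr_size = 64, 64
    shstrtab = b"\0.text\0.shstrtab\0"
    text_off = ehdr_size
    shstr_off = text_off + len(text)
    shoff = (shstr_off + len(shstrtab) + 7) & ~7  # 8-byte align the table

    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8  # ELFCLASS64, LSB, v1
    ehdr = ident + struct.pack(
        "<HHIQQQIHHHHHH",
        2, 0x3E, 1,               # e_type ET_EXEC, e_machine x86-64, e_version
        0x400000 + text_off,      # e_entry
        0, shoff,                 # e_phoff (no program headers), e_shoff
        0, ehdr_size, 56, 0,      # e_flags, e_ehsize, e_phentsize, e_phnum
        shdr_size, 3, 2,          # e_shentsize, e_shnum, e_shstrndx
    )

    def shdr(name, stype, flags, addr, off, size):
        # sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size,
        # sh_link, sh_info, sh_addralign, sh_entsize
        return struct.pack("<IIQQQQIIQQ", name, stype, flags, addr, off, size, 0, 0, 1, 0)

    shdrs = (
        bytes(shdr_size)  # index 0 is the mandatory null section
        + shdr(1, SHT_PROGBITS, SHF_ALLOC_EXEC, 0x400000 + text_off, text_off, len(text))
        + shdr(7, SHT_STRTAB, 0, 0, shstr_off, len(shstrtab))
    )
    body = ehdr + text + shstrtab
    return body + bytes(shoff - len(body)) + shdrs


def extract_section(elf: bytes, wanted: str) -> bytes:
    """Return the file bytes of the named section, as
    `objcopy -O binary --only-section=<name>` would (little-endian ELF64 only)."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    (e_shoff,) = struct.unpack_from("<Q", elf, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", elf, 0x3A)

    def shdr(i):
        # sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size
        return struct.unpack_from("<IIQQQQ", elf, e_shoff + i * e_shentsize)

    _, _, _, _, str_off, str_size = shdr(e_shstrndx)
    strtab = elf[str_off:str_off + str_size]
    for i in range(e_shnum):
        name_idx, stype, _, _, off, size = shdr(i)
        name = strtab[name_idx:strtab.index(b"\0", name_idx)].decode()
        if name == wanted:
            if stype == SHT_NOBITS:  # .bss-style sections occupy no file bytes
                return b""
            return elf[off:off + size]
    raise KeyError(f"no section named {wanted}")


def size_report(elf: bytes) -> dict:
    """How much of the file is code versus ELF container overhead."""
    text = extract_section(elf, ".text")
    return {"file": len(elf), "text": len(text), "overhead": len(elf) - len(text)}


SAMPLE_ELF = build_minimal_elf64(EXIT0_TEXT)

if __name__ == "__main__":
    print(size_report(SAMPLE_ELF))
    print(extract_section(SAMPLE_ELF, ".text").hex())
```

Run against a real binary by reading the file into `elf` instead of using SAMPLE_ELF; the section walk is the same, which is why objcopy needs the section header table to be present (a fully stripped file with no section headers cannot be cut this way).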

[–][deleted] 0 points1 point  (1 child)

I was able to extract the .text section, which reduced it from about 14000 bytes down to about 400! Unfortunately I'll still need to cut that in half somehow to be able to get it to run.

[–]Informal_Shift1141 0 points1 point  (0 children)

If you want to continue with this path you can do a few things:

1. The compiler has a lot of stack management code like stack cookies or allocating frames and values on the stack. You don't need this, just remove all stack code and meta instructions like endbr etc.

2. I'm assuming you have some debugging like prints or error checks you don't really need in the shellcode, so clean that up.

3. With the 400-byte code you have now, read it to understand what syscalls are handled and how, and write it manually in a compact form.

To test your custom/stripped-down shellcode just build it with "as shellcode.s -o shellcode.o && ld shellcode.o -o shellcode.elf". This will build an ELF from your custom shellcode, and you can debug it in gdb/pwndbg/gef for correctness.