Love the choice of Rust for the attention and for making the exploit “safe”, but I can’t help but feel most of the latter half of part 1 would be obviated by using https://godbolt.org and copy-pasting the resulting ASM instead.
Hello, author here! Thanks a lot for checking it out and for engaging with the post =).
I’m trying to understand your suggestion here: to my eye, the only bit this would affect is the script to extract __text,__TEXT from the compiled binary. I would still need the logic to pass string addresses from the asm entry point to the compiled Rust unit, for example.
Unless I’m misunderstanding, it doesn’t seem like much of a win / doesn’t seem like it would remove much work. Everything else in the latter half still seems relevant (but please do let me know if I’ve misunderstood your suggestion!).
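Added example, not code from the post or from either commenter: the reply refers to a script that pulls `__text,__TEXT` out of the compiled binary. The helper below does that step for a little-endian 64-bit Mach-O by walking the load commands, finding the `LC_SEGMENT_64` for `__TEXT` and returning the raw bytes of the named section. Function names (`extract_section`, `build_sample_macho`) are hypothetical, and `build_sample_macho` constructs a minimal Mach-O inline so the example runs offline; fat binaries and 32-bit files are rejected rather than handled.

```python
"""Extract the raw bytes of a Mach-O section (default __TEXT,__text).

Hypothetical helper for the extraction step mentioned above. Handles only
little-endian 64-bit Mach-O (MH_MAGIC_64); fat binaries raise ValueError.
"""
import struct
import sys

MH_MAGIC_64 = 0xFEEDFACF     # 64-bit Mach-O, little-endian on disk
LC_SEGMENT_64 = 0x19

# struct layouts from <mach-o/loader.h>: mach_header_64, segment_command_64, section_64
HEADER_FMT = "<8I"                  # magic cputype cpusubtype filetype ncmds sizeofcmds flags reserved
SEG_FMT = "<2I16s4Q2i2I"            # cmd cmdsize segname vmaddr vmsize fileoff filesize maxprot initprot nsects flags
SECT_FMT = "<16s16s2Q8I"            # sectname segname addr size offset align reloff nreloc flags reserved1-3
HEADER_LEN, SEG_LEN, SECT_LEN = (struct.calcsize(f) for f in (HEADER_FMT, SEG_FMT, SECT_FMT))


def _cstr(raw: bytes) -> str:
    """Decode a NUL-padded 16-byte name field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def extract_section(data: bytes, segname: str = "__TEXT", sectname: str = "__text") -> bytes:
    """Return the file bytes of segname,sectname, or raise if absent/malformed."""
    if len(data) < HEADER_LEN:
        raise ValueError("file too short for a Mach-O header")
    magic, _cpu, _sub, _ftype, ncmds, sizeofcmds, _flags, _rsv = struct.unpack_from(HEADER_FMT, data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError(f"unsupported magic {magic:#x}: only little-endian 64-bit Mach-O is handled")
    off = HEADER_LEN
    end = min(len(data), HEADER_LEN + sizeofcmds)
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load commands run past sizeofcmds")
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("malformed load command")
        if cmd == LC_SEGMENT_64 and cmdsize >= SEG_LEN:
            seg = struct.unpack_from(SEG_FMT, data, off)
            nsects = seg[9]
            if _cstr(seg[2]) == segname and SEG_LEN + nsects * SECT_LEN <= cmdsize:
                for i in range(nsects):
                    sect = struct.unpack_from(SECT_FMT, data, off + SEG_LEN + i * SECT_LEN)
                    if _cstr(sect[0]) == sectname:
                        size, fileoff = sect[3], sect[4]
                        if fileoff + size > len(data):
                            raise ValueError("section extends past end of file")
                        return data[fileoff:fileoff + size]
        off += cmdsize
    raise LookupError(f"{segname},{sectname} not found")


def build_sample_macho(code: bytes, consts: bytes = b"") -> bytes:
    """Constructed sample input: a single __TEXT segment with __text and __const."""
    nsects = 2
    text_off = HEADER_LEN + SEG_LEN + nsects * SECT_LEN
    const_off = text_off + len(code)
    base = 0x100000000
    sect_text = struct.pack(SECT_FMT, b"__text", b"__TEXT", base + text_off, len(code),
                            text_off, 4, 0, 0, 0x80000400, 0, 0, 0)
    sect_const = struct.pack(SECT_FMT, b"__const", b"__TEXT", base + const_off, len(consts),
                             const_off, 0, 0, 0, 0, 0, 0, 0)
    total = const_off + len(consts)
    seg = struct.pack(SEG_FMT, LC_SEGMENT_64, SEG_LEN + nsects * SECT_LEN, b"__TEXT",
                      base, total, 0, total, 5, 5, nsects, 0)
    header = struct.pack(HEADER_FMT, MH_MAGIC_64, 0x0100000C, 0, 1, 1, len(seg) + nsects * SECT_LEN, 0, 0)
    return header + seg + sect_text + sect_const + code + consts


if __name__ == "__main__":
    # Usage: python extract_text.py <macho-file> > text.bin   (or no args to use the sample)
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_macho(b"\x55\x48\x89\xe5\xc3", b"hi\0")
    sys.stdout.buffer.write(extract_section(blob))
```

The dumped bytes carry no relocation information: any reference from the extracted code to data outside `__text` (a string literal living in `__const`, say) still has to be resolved by whatever loads the blob, which is the glue between the asm entry point and the compiled unit that the reply describes.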