Hi All,
trying to generate useable shellcode using shellforge...

Here's my localshell.c
#include <stdio.h>
int main(void)
{
char *arg[2];
arg[0] = "/bin/sh";
arg[1] = NULL;
execve("/bin/sh", arg, NULL);
}


H3llfyr3@slax:~/exploitdev/shellforge$ ./shellforge.py localshell.c
** Compiling localshell.c
** Tuning original assembler code
ERROR: Error at [call execve@PLT]: Symbol not found

any ideas on what is causing this?

try

#include <stdio.h>
int main()
{
char arg[] = "/bin/sh";
char arg2[] = "ls";
char env=NULL;
execve(arg,arg2,env);
return 0;
}

or

int main()
{
char *arg[] = {"/bin/sh","ls",NULL};
execve(arg[1],arg[2],arg[3]);
return 0;
}

you are maybe misunderdstanding this function execve, look google.

Cheers class101, no difference I'm afraid, they both produce the same output, BTW my original code compiles correctly

#include <stdio.h>
int main()
{
char arg[] = "/bin/sh";
char arg2[] = "ls";
char env=NULL;
execve(arg,arg2,env);
return 0;
}

h3llfyr3@slax:~/exploitdev/shellforge$ ./shellforge.py class101shell.c
** Compiling class101shell.c
class101shell.c: In function `main':
class101shell.c:6: warning: initialization makes integer from pointer without a cast
** Tuning original assembler code
ERROR: Error at [call execve@PLT]: Symbol not found

then don't use shellforge, I don't see why you use such useless proggy, just compile your binary and get the shellcode from its assembly..

Point taken, I ought to write my own shellcode anyway, at the very least it's good practice and will lead to a better understanding of the stack ;)