everyone! I'm studying C for a while now. and right now, while I'm visiting XDA Developers for my phone, I came across this code:
char next_ptr[8] = "\x30\xff\xff\x31\xff\xff\xff\xff";
is this like an array of hexadecimal codes or what? However, I noticed that when I count how many of these values are inbetween the brackets have the same value with char next_ptr[8]
. and beacause I remembered the word "shellcode", In searching the word shellcode in google with images, I noticed that here are some snippets of code in the images that has these forms.
I've tried to convert them to text like so:
converting it in the original form:
converting it with the original hexadecimal form:
I don't know what's the name of this syntax so I didn't search for it please shed some light for me. Thank you!
These are called hexadecimal escape sequences. It's basically just an optional way of writing this:
char next_ptr[8] = {0x30, 0xff, 0xff, 0x31, 0xff, 0xff, 0xff, 0xff};
(The null terminator of the string literal gets discarded.)
It has nothing to do with shellcode.
Also notably, it is naive to store 0xFF
inside a char
, because it isn't guaranteed to be large enough to store one, since char
has implementation-defined signedness and might only be able to store positive values up to 0x7F
. The correct data type for storing raw data is uint8_t
.