Category:Shellcode
From SecurityForest
- Title: Introduction to Shellcoding
- Description: Shellcode is a piece of machine-readable code, or script code that has just one mission; to open up a command interpreter (shell) on the target system so that an “attacker” can type in commands in the same fashion as a regular authorized user or system administrator of that system can do (with a few not-so-important exceptions of course).
- Author: Michel Blomgren - tigerteam.se
- Download: intro_to_shellcoding.pdf (http://www.securityforest.com/downloads/educationtree/intro_to_shellcoding.pdf)
- Rated:
- Title: The Basics of Shellcoding
- Description: The goal of this article is not to explain all the possibilities of injecting a shellcode developed during last years, but to analyze and understand its essence.
- Author: Angelo Rosiello
- Download: basics_of_shellcoding.pdf (http://www.securityforest.com/downloads/educationtree/basics_of_shellcoding.pdf)
- Rated:
- Title: Writing MIPS_IRIX shellcode
- Description: Writing shellcode for the MIPS/Irix platform is not much di�erent from writing shellcode for the x86 architecture. There are, however, a few tricks worth knowing when attempting to write clean shellcode (which does not have any NUL bytes and works completely independent from it's position). This small paper will provide you with a crash course on writing IRIX shellcode for use in exploits. It covers the basic stuff you need to know and provides some example shellcodes for modification and real life use.
- Author: scut - Team Teso
- Download: mipsshellcode.pdf (http://www.securityforest.com/downloads/educationtree/mipsshellcode.pdf)
- Rated:
- Title: Writing shellcode for IA-64
- Description: This paper outlines the techniques you need and the things I've learned about writing shellcode for the IA-64. Although the IA-64 is capable of executing IA-32 code, this is not topic of this paper. Example code is for Linux, but most of this applies to all operating systems that run on IA-64.
- Author: papasutra of haquebright
- Download: p57-0x05.txt (http://www.securityforest.com/downloads/educationtree/p57-0x05.txt)
- Rated:
- Description: Today, more and more exploits need to be written using assembler, particularly to write classical shellcodes (for buffer overflows, or format string attacks,...). Many programs now achieve powerfull input filtering, using functions like strspn() or strcspn(): it prevents people from easily inserting shellcodes in different buffers. In the same way, we observe more and more IDS detecting suspicious opcodes sequences, some of them indicating the presence of a shellcode. One way to evade such pattern matching techniques is to use polymorphic stuff, like using tools such as K2's ADMmutate. Another way to do this is going to be presented here: we'll try to write IA32 non filterable shellcodes, using only alphanumeric chars: more precisely, we'll use only chars like '0'->'9','A'->'Z' and 'a'->'z'. If we can write such alphanumeric shellcodes, we will be able to store our shellcodes nearly everywhere! Let's enumerate some interesting possibilities: filtered inputs, environment variables, classical commands, instructions & parameters from usual protocols, filenames & directories, usernames & passwords and more...
- Author: Rix - HERT
- Download: p57-0x0f.txt (http://www.securityforest.com/downloads/educationtree/p57-0x0f.txt)
- Rated:
- Description: Since Linux/390 has been released by IBM more and more b0xes of this type can be found in the wild. A good reason for a hacker to get a closer look on how vulnerable services can be exploited on a mainframe. Remember, who are the owners of mainframes ? Yeah, big computer centres, insurances or goverments. Well, in this article I'll uncover how to write the bad code (aka shellcode). The bind-shellcode at the end should be taken as an example.
- Author: johnny cyberpunk - THC
- Download: linux-390-shellcode-devel.txt (http://www.securityforest.com/downloads/educationtree/linux-390-shellcode-devel.txt)
- Rated:
- Description: This document assumes very little prior knowledge on the part of the reader. There are 4 articles starting with basics of memory layout, basics of windows assembly, local stack overflow, basics of shellcode, writing your own shellcode (basics), exploiting using SEH and remote stack overflow. To make it more interesting the author has also include sample exercises.
- Author: Nish Bhalla
- Download: Win32 Stack Overflow Basics (http://www.securitycompass.com/Case%20Studies.htm)
- Rated:
