Vulnerability Development mailing list archives
Re: creating shell code for exploits
From: Sebastian <scut () NB IN-BERLIN DE>
Date: Tue, 2 Jan 2001 10:50:29 +0100
> hi guys

Hi eke71 :-)

> I am new to the list and was wondering how shell code is created for exploits?
Well, shellcode is created by writing the machine code, or by converting simple C code directly. For the latter it's sometimes very useful to just write some lines of C and have the shellcode directly printed. To do this, use hellkit (www.team-teso.net/releases.php).

In more special situations, if you have limitations on length or allowed characters, there is no way around writing it manually. There are some very specialized shellcodes, some optimized for size (the smallest x86/linux ones I know of: execve: 13 bytes, read(): 15 bytes, portshell: 86 bytes), and some to filter out unallowed characters (most of the time just \x00, \0x0a, \x0d and \x25). There are even printable-ASCII only shellcodes.

For the x86 platforms there are numerous articles, of which one from aleph1 and one from smiler come to my mind. For other platforms than x86, like Sparc, MIPS and PPC, there are some papers floating around somewhere.

In general, if you write shellcodes as .s file, you may find a small .c source helpful to convert it (outp.c from www.team-teso.net/releases.php, also) to hexcode.

ciao,
scut

--
- scut () nb in-berlin de - http://nb.in-berlin.de/scut/ --- you don't need a --
-- lot of people to be great, you need a few great to be the best ------------
http://3261000594/scut/pgp - 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
-- CSMC_TOP_SECRET_ATOMAL.tar.bz2, 69043590 bytes received in 381.4 seconds --