Creating Shellcode

[tyronmiller at gmail.com (Ty Miller)]

After having a look at Hellkit, it looks like it does a fair bit of useful
stuff for creating shellcode. One of the downsides is that it says that I
can't use functions within my C program for Hellkit to work.

My program is currently 370 lines of C code and has 5 different
functions for code reuse, with a few of them being about 40 or 50 lines
long. I can merge the functions into the main function, but this is going to
make the program a fair bit larger, and I assume that this is going to make
the shellcode a fair bit larger. I'm already concerned about the size of the
shellcode as it stands.

Is this correct? What do you guys suggest?

Besides having limited space with stack exploits, are there any other
downsides to having large shellcode for other types of exploits?

Thanks,
Ty


On 2/7/08, base64 <basehat at gmail.com> wrote:
> hellkit and some similar unix tools can be found at :
> http://packetstormsecurity.nl/
>
> I am unaware of a likewise tool for win32, however milw0rm has a fairly
> large repository of interesting shellcodes.
>
> On Feb 6, 2008 3:34 PM, Ty Miller <tyronmiller at gmail.com> wrote:
>
> > Hey All,
> >
> > Does anyone know where I can get my hands on Hellkit? Does Metasploit
> > have a similar function?
> >
> > Any other tools or techniques that you would like to recommend to
> > convert a C program to shellcode would also be great?
> >
> > Thanks,
> > Ty
>
>
>
> --
>
> Best Regards,
> Adrian Castro
> Senior Software Engineer
> (310)765-0627
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20080207/562337b5/attachment.htm>