Shell Code

<<

JJJHS13

Newbie

Posts: 16

Joined: Thu Dec 20, 2007 5:20 pm

Post Thu Jan 10, 2008 1:02 am

Shell Code

Sorry, I didn't really know where to put this question. I want to write my own shell but I have no clue where to start or which programming languages to learn. I've been trying to get articles from Packet Storm but they mainly just have exploits. I found a couple of articles searching the web and only got tips on securing shells, but I can't find a decent one on how to write my own. If you could give me a starting point it would be much appreciated.
<<

dean

Post Thu Jan 10, 2008 9:23 am

Re: Shell Code

Hi JJJHS13,

You might want to learn to walk before you start running with scissors in your hand. But if you're looking to learn about exploits and shellcode then looking at existing exploits is not a bad place to start.

Developing exploit code is not really dependent on a specific language; you can write an exploit in Perl, Python, C or Assembly, for example. Shellcode is generally written in C and converted to ASM in order to reduce the size of the payload. If you look at one of the exploits on Milw0rm.com you will see the payload represented by something like the following:

char code[] = "\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb"\
      "\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89"\
      "\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d\x53\x0c\xcd"\
      "\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f"\
      "\x73\x68\x58\x41\x41\x41\x41\x42\x42\x42\x42";

This is the hex representation of the bytecode. This shellcode is for a bind shell on a Linux platform. It makes a call to execve() in order to spawn a shell using /bin/sh. Gotta love "int 0x80"!

Obviously, writing shellcode for each OS platform is different and requires a different approach.

There are some excellent books on the subject as well such as:

Sockets, Shellcode, Porting and Coding by James Foster

As for Google: try "writing shellcode" <-- got me hundreds of hits.

dean
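
As an added example (not part of dean's post or any code from this thread), the Python sketch below does a static first-pass triage of the literal quoted above: it decodes the `\xNN` escapes, locates each `int 0x80` (bytes `CD 80`), guesses the syscall number from the nearest preceding `mov al, imm8`, and pulls out embedded ASCII strings. The function names and the two-entry syscall table are assumptions made for this example; nothing is executed.

```python
import re

# Sample input: the C literal quoted in the post above, copied as-is.
C_LITERAL = r'''
char code[] = "\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb"\
      "\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89"\
      "\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d\x53\x0c\xcd"\
      "\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f"\
      "\x73\x68\x58\x41\x41\x41\x41\x42\x42\x42\x42";
'''
# Small subset of the 32-bit Linux syscall table, enough for this sample.
I386_SYSCALLS = {11: "execve", 70: "setreuid"}

def decode_c_literal(src):
    """Join quoted segments; only \\xNN escapes and plain ASCII are handled."""
    out = bytearray()
    for segment in re.findall(r'"((?:[^"\\]|\\.)*)"', src):
        for m in re.finditer(r'\\x([0-9a-fA-F]{2})|(.)', segment, re.S):
            out.append(int(m.group(1), 16) if m.group(1) else ord(m.group(2)))
    return bytes(out)

def find_int80(buf):
    """Offsets of the byte pair CD 80 (the int 0x80 instruction)."""
    return [m.start() for m in re.finditer(rb"\xcd\x80", buf)]

def guess_syscalls(buf):
    """Heuristic: for each int 0x80, take the nearest preceding B0 nn
    (mov al, imm8) as the syscall number. A byte scan, not a disassembly."""
    found = []
    for off in find_int80(buf):
        pos = buf.rfind(b"\xb0", 0, off - 1)
        if pos != -1:
            found.append((off, buf[pos + 1], I386_SYSCALLS.get(buf[pos + 1], "unknown")))
    return found

def printable_strings(buf, min_len=4):
    """(offset, text) for runs of printable ASCII, like strings(1)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [(m.start(), m.group().decode("ascii")) for m in re.finditer(pattern, buf)]

if __name__ == "__main__":
    payload = decode_c_literal(C_LITERAL)
    print(len(payload), "bytes")
    for off, num, name in guess_syscalls(payload):
        print(f"int 0x80 at offset {off}: eax={num} ({name})")
    for off, text in printable_strings(payload):
        print(f"string at offset {off}: {text!r}")
```

Because the scan matches raw byte patterns, a `B0` or `CD 80` that is really an operand of another instruction would be reported too; confirm any hit with a disassembler.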
<<

JJJHS13

Newbie

Posts: 16

Joined: Thu Dec 20, 2007 5:20 pm

Post Thu Jan 10, 2008 11:58 pm

Re: Shell Code

hey thanks man
<<

g00d_4sh

Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Fri Jan 11, 2008 12:51 pm

Re: Shell Code

I picked up a shell code hack book earlier this year.. and after the first chapter I realized without a solid knowledge of C and assembly language.. I was wasting my time even reading it.  It's on my shelf until next year or so.  Running with scissors is an understatement.
"Bad.. Good?  I'm the guy with the gun"
<<

dannioni

Newbie

Posts: 44

Joined: Tue Sep 18, 2007 12:51 pm

Post Tue Jan 15, 2008 5:42 am

Re: Shell Code

I've got Gray Hat Hacking this week. I haven't read all of it, but from the Table of Contents I'd say this is just the book you're looking for. Of course prior experience with C/C++/ASM is helpful, but you can get by without it, at least with this book.
<<

don

Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Jan 15, 2008 1:01 pm

Re: Shell Code

If anyone wants to check out the entire chapter in Grey Hat Hacking that introduces you to coding, it's right here on EH-Net:

Grey Hat Hacking - Chapter 7: Programming Survival Skills

Hope this helps,
Don
CISSP, MCSE, CSTA, Security+ SME
