Hacking - The Art of Exploitation, 2nd Edition


0x500 SHELLCODE


So far, the shellcode used in our exploits has been just a string of copied and pasted bytes. We have seen standard shell-spawning shellcode for local exploits and port-binding shellcode for remote ones. Shellcode is also sometimes referred to as an exploit payload, since these self-contained programs do the real work once a program has been hacked. Shellcode usually spawns a shell, as that is an elegant way to hand off control; but it can do anything a program can do.


Unfortunately, for many hackers the shellcode story stops at copying and pasting bytes. These hackers are just scratching the surface of what’s possible. Custom shellcode gives you absolute control over the exploited program. Perhaps you want your shellcode to add an admin account to /etc/passwd or to automatically remove lines from log files. Once you know how to write your own shellcode, your exploits are limited only by your imagination. In addition, writing shellcode develops assembly language skills and employs a number of hacking techniques worth knowing.
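The introduction above describes shellcode as a string of bytes that is self-contained and does the real work once it runs. The harness below, an added example that is not from the book, makes that literal: it copies a byte string into freshly mapped executable memory and calls it as a function, which is how shellcode is usually tested before it is wired into an exploit. The byte string is constructed for this example and deliberately harmless (it returns 42 to the caller instead of spawning a shell); a real payload is the same mechanism with different bytes. It assumes a Linux or other POSIX system on x86-64 or AArch64 with GCC or Clang, and that the system allows pages that are both writable and executable.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <sys/mman.h>

/* Constructed, deliberately harmless "shellcode" for this example:
 * it returns 42 to whoever called it. Bytes were chosen per architecture
 * so the same harness runs on x86-64 and AArch64 hosts. */
#if defined(__x86_64__)
static const unsigned char shellcode[] = {
    0xb8, 0x2a, 0x00, 0x00, 0x00,   /* mov eax, 42 */
    0xc3                            /* ret         */
};
#elif defined(__aarch64__)
static const unsigned char shellcode[] = {
    0x40, 0x05, 0x80, 0x52,         /* mov w0, #42 */
    0xc0, 0x03, 0x5f, 0xd6          /* ret         */
};
#else
#error "add a byte string for this architecture"
#endif

/* Copy a byte string into anonymous RWX memory and call it as a function
 * taking no arguments and returning int. Returns what the payload
 * returns, or -1 if executable memory could not be obtained (for example
 * when a policy such as SELinux execmem denial forbids W+X mappings). */
int run_shellcode(const unsigned char *code, size_t len)
{
    void *mem = mmap(NULL, len, PROT_READ | PROT_WRITE | PROT_EXEC,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED)
        return -1;

    memcpy(mem, code, len);

    /* AArch64 keeps separate instruction and data caches; without this
     * the CPU may fetch stale instructions from the freshly written page.
     * On x86-64 the call is a no-op. */
    __builtin___clear_cache((char *)mem, (char *)mem + len);

    int (*payload)(void) = (int (*)(void))mem;
    int ret = payload();

    munmap(mem, len);
    return ret;
}

/* Convenience wrapper around the constructed byte string above. */
int run_constructed_shellcode(void)
{
    return run_shellcode(shellcode, sizeof shellcode);
}

int main(void)
{
    int ret = run_constructed_shellcode();
    if (ret < 0)
        fprintf(stderr, "could not map executable memory\n");
    else
        printf("payload returned %d\n", ret);
    return 0;
}
```

Because the bytes end in `ret`, control comes back to the harness and the return value can be inspected; shell-spawning payloads never return, so a harness for those is judged by whether a shell prompt appears. Swapping in your own hand-assembled bytes and running them here is the quickest way to find out whether they execute before they are dropped into an exploit string.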
