A shellcode or eggshell is a small program represented as a string of instructions in their hexadecimal encoding.
Questions tagged [shellcode]
80 questions
7 votes, 1 answer
Shellcode challenge - shellcode works in test program, segfaults in actual binary
Currently working through an introductory shellcoding challenge, and having trouble getting the shellcode to work consistently.
I'm working on a 32-bit Linux binary. I found this shellcode:
http://shell-storm.org/shellcode/files/shellcode-827.php
xor…
BronzeOtter
2 votes, 2 answers
ShellCode not running as expected - showing segmentation fault core dump
I have already run this command. But my shellcode is not working for me:
gcc -fno-stack-protector -z execstack test.c -o test
./test
Segmentation fault (core dumped)
Here is my shellcode
#include
unsigned char code[] =…
Alvin567
1 vote, 0 answers
Wargames RET2 Systems Shellcoding - Trouble using `jmp` instruction to connect parts of shellcode
I am doing the RET2 Systems Binary Exploitation course Wargames (https://wargames.ret2.systems/) and am working on the shellcoding chapter. I am learning about how to use jmp assembly instructions to connect sections of shell code. When shell code…
Aaron
1 vote, 0 answers
random address in call instruction
I am trying to use write system call shellcode in assembly, but when I run it I am getting a segmentation fault. I did debug it and it's because of the call instruction which is having a random address in…
prakash
1 vote, 1 answer
How to find a function hash when manually resolving in shellcode?
I'm disassembling a shellcode and I found that it resolves the address of some function manually, using the hash to find the function in kernel32.dll.
example :
call findKernel32Base
....
push 0EC0E4E8Eh
call findSymbolByHash
mov [ebp-4], eax
For this…
Neolex
-1 votes, 2 answers
Why do we have to put shellcode before return address
I'd like to know why we have to put the shellcode before the return address in a buffer overflow. Logically the return address will point to the shellcode and will be executed. So, the return address should be put before the shellcode.
I read about…
Scoobydoo