Tech Kaizen: ShellCode

In computer security, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine. Shellcode is commonly written in machine code, but any piece of code that performs a similar task can be called shellcode. Because the function of a payload is not limited to merely spawning a shell, some have suggested that the name shellcode is insufficient.

The payload is the actual data, or the cargo, carried by the headers. When referring to a computer exploit, the payload is the effect caused by a virus or other malicious code executed by the exploit on the target computer. The payload of a virus may include moving, altering, overwriting, and deleting files, or other destructive activity.

ref:

Shellcode - http://en.wikipedia.org/wiki/Shellcode

Shellcode Tutorial - http://projectshellcode.com/?q=node/20

Windows Shellcode CodeProject - http://www.codeproject.com/Tips/60571/simple-windows-shellcode-invoke-message-box.aspx

Understanding Windows Shellcode - http://www.hick.org/code/skape/papers/win32-shellcode.pdf

Windows Syscall Shellcode - http://www.symantec.com/connect/articles/windows-syscall-shellcode

Windows Shellcode Mastery - http://www.blackhat.com/presentations/bh-europe-09/Caillat/BlackHat-Europe-09-Caillat-Wishmaster-slides.pdf

Shellcode Programming - http://www.l0t3k.org/programming/docs/shellcode/

Shellcoding for Linux and Windows - http://www.vividmachines.com/shellcode/shellcode.html

Writing Shellcode - http://www.safemode.org/files/zillion/shellcode/doc/Writing_shellcode.html

Linux Shellcode - http://www.tenouk.com/Bufferoverflowc/Bufferoverflow5.html

Designing Shellcode demystified - http://www.enderunix.org/docs/en/sc-en.txt