|
|
(8 intermediate revisions by 3 users not shown) |
Line 1: |
Line 1: |
− | {{info|<center>'''Shellcode''', also known as '''bytecode''', is [[assembly]] which has been translated into [[machine code]] ([[binary]] represented in [[hexadecimal]]).</center>}}
| + | #REDIRECT [[:Category:Shellcode]] |
− | | + | [[Category:Indexing]] |
− | Every [[programming language]] eventually becomes [[binary]], whether at ''compile-time'' or ''runtime''. When writing a [[Buffer Overflows|buffer overflow]] there are many obstructions from [[SIM|security infrastructure]], such as [[DEP]], [[ASLR]], [[firewall|firewalls]], or [[IDS]] and [[IPS]] appliances, thus many [[filter bypass]] and [[IDS evasion]] techniques (such as [[alphanumeric shellcode]]) must be utilized for successful [[exploitation]] in modern environments in conjunction with [[anti-heuristics]] and [[shellcode obfuscation|obfuscation]] for maximum effectiveness. There are primarily two types of shellcode: ''executable'' shellcode and ''return-oriented'' shellcode.
| + | [[Category:Exploitation]] |
− | | + | |
− | ''Executable shellcode'' is typically translated from [[assembly]] written for its respective target [[Operating System]].
| + | |
− | | + | |
− | * Basic executable shellcode, or traditional [[null-free shellcode]] can be used on any vulnerable application (sans filters) with an executable stack.
| + | |
− | * 32-bit [[ascii shellcode]] and 64-bit [[alphanumeric shellcode]] are commonly used for filter bypass and IDS evasion.
| + | |
− | | + | |
− | | + | |
− | ''Return oriented shellcode'' utilizes [[Return_Oriented_Programming_(ROP)|return oriented programming]] in cases when the vulnerable buffer is non-executable, bypassing the need for an executable stack.
| + | |
− | | + | |
− | | + | |
− | {{protip|[[Machine code]] can be used by a [[programmer]] to write any application from an [[assembly]] approach because it is just as powerful as any other [[programming language]].}}
| + | |
− | {{social}}
| + | |