Starting to Write Your Own Shellcode

4 Pages Posted:

See all articles by Craig S Wright

Craig S Wright

nChain; University of Southern Queensland - University of Southern Queensland, Students; Leicester Law School

Date Written: August 24, 2011

Abstract

We have seen more and more people become reliant on tools such as Metasploit in the last decade. This facility to use these tools has empowered many and has created a rise in the numbers of people who can research software vulnerabilities. It has created more security professionals who cannot only scan a target for vulnerabilities using a tool such as Nessus, but who can complete tests involving system exploitations and hence validate the results presented to them by a scanner. But, this ends when a new application with unexpected calls or controls is found. What do we do when presented with a special case? Here we have to again return to the old art of crafting shellcode. At some stage, if we are to be more than white hat script kiddies and want to come to actually understand the application we need to learn how to craft our own custom shellcode. In this article, we start to explain the process used to do this.

Keywords: Shellcode

Suggested Citation

Wright, Craig S, Starting to Write Your Own Shellcode (August 24, 2011). Available at SSRN: https://ssrn.com/abstract=

Craig S Wright (Contact Author)

nChain ( email )

London
United Kingdom

University of Southern Queensland - University of Southern Queensland, Students ( email )

Toowoomba, Queensland
Australia

Leicester Law School ( email )

University Road
Leicester LE1 7RH, LE1 7RH
United Kingdom

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
84
Abstract Views
393
PlumX Metrics