Scribd
Upload
3 views10 pages

CH 10 Notes

Uploaded by

kediatrisha13
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3 views10 pages

CH 10 Notes

Uploaded by

kediatrisha13
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

‭What is Shellcode?

‭●‬ S ‭ hellcode is a small piece of code injected by an attacker‬‭into a‬


‭program's memory.‬
‭●‬ ‭Its goal is to‬‭gain control over the system‬‭by exploiting‬‭vulnerabilities in‬
‭the program.‬
‭●‬ ‭Traditionally, shellcode‬‭launches a command-line shell‬‭(hence the name‬
‭"shellcode"), allowing attackers to execute commands with the privileges of‬
‭the compromised program.‬

‭How Does Shellcode Work?‬

‭1.‬ ‭On UNIX systems (like Linux/macOS)‬


‭○‬ ‭Attackers use the‬‭ execve("/bin/sh")‬‭function.‬
‭○‬ ‭This replaces the current program with a shell (like Bash or Sh).‬
‭○‬ ‭The attacker can then execute commands with the privileges of the‬
‭exploited program.‬
‭2.‬ ‭On Windows systems‬
‭○‬ ‭Attackers call the‬‭system("command.exe")‬‭function‬‭(or‬‭cmd.exe‬
‭on newer systems).‬
‭○‬ ‭This launches the Windows command prompt (CMD).‬
‭○‬ ‭The attacker can then run commands on the system.‬
‭Why is Shellcode Dangerous?‬

‭ ‬ I‭t allows an attacker to‬‭fully control‬‭a compromised‬‭system.‬



‭●‬ ‭It can be embedded into exploits targeting‬‭buffer‬‭overflow‬
‭vulnerabilities‬‭.‬
‭●‬ ‭If a program does not properly handle memory (e.g., using unsafe‬
gets()‬‭or‬‭
‭functions like‬‭ strcpy()‬ ‭), attackers can inject and execute‬
‭shellcode.‬

You might also like