PART III
CHAPTER 9 Shellcode Strategies
This chapter discusses various factors you may need to consider when designing or
selecting a payload for your exploits. The following topics will be covered:
• User space shellcode
• System calls
• Basic shellcode
• Port binding shellcode
• Reverse connect shellcode
• Find socket shellcode
• Command execution shellcode
• File transfer shellcode
• Multi-stage shellcode
• System call proxy shellcode
• Process injection shellcode
• Shellcode encoding
• Shellcode corruption
• Disassembling shellcode
In Chapters 7 and 8, you were introduced to the idea of shellcode and shown how it is
used in the process of exploiting a vulnerable computer program. Reliable shellcode is
at the heart of virtually every exploit that results in "arbitrary code execution," a phrase
used to indicate that a malicious user can cause a vulnerable program to execute instructions
provided by the user rather than the program. In a nutshell, shellcode is the arbitrary
code that is being referred to in such cases.