Basic Linux Shellcode
The term "shellcode" refers to self-contained binary code that completes a task. The task
may range from issuing a system command to providing a shell back to the attacker, which
was the original purpose of shellcode.
There are basically three ways to write shellcode:
• Directly write the hex opcodes.
• Write a program in a high-level language like C, compile it, and then disassemble
it to obtain the assembly instructions and hex opcodes.
• Write an assembly program, assemble the program, and then extract the hex
opcodes from the binary.
Writing the hex opcodes directly is a little extreme. We will start by learning the C
approach, but quickly move to writing assembly, then to extraction of the opcodes. In
any event, you will need to understand low-level (kernel) functions such as read, write,
and execute. Since these system functions are performed at the kernel level, we will need
to learn a little about how user processes communicate with the kernel.
System Calls
The purpose of the operating system is to serve as a bridge between the user (process)
and the hardware. There are basically three ways to communicate with the operating system
kernel:
• Hardware interrupts: for example, an asynchronous signal from the keyboard.
• Hardware traps: for example, the result of an illegal "divide by zero" error.
• Software traps: for example, the request for a process to be scheduled for
execution.
Software traps are the most useful to ethical hackers because they provide a method
for the user process to communicate with the kernel.
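To make the software-trap idea concrete, here is an added example (not from the book) that reaches the same kernel service, write(2), two ways: through the libc wrapper and through the raw system-call entry via syscall(2). It assumes a Linux build where <sys/syscall.h> defines SYS_write and SYS_getpid; the pipe and message are constructed for the demonstration.

```c
/* Added example, not the book's code: the libc wrapper write() and the raw
 * system-call trap invoked through syscall(2) both land in the same kernel
 * routine. Assumes Linux and <sys/syscall.h>. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Send `msg` into a pipe using the raw SYS_write trap, read it back with the
 * libc wrapper, and return 1 if the kernel delivered exactly the same bytes. */
int roundtrip_via_syscall(const char *msg)
{
    int fds[2];
    char buf[64];
    size_t len = strlen(msg);

    if (len >= sizeof buf || pipe(fds) != 0)
        return 0;

    /* SYS_write is the per-architecture syscall number (1 on x86-64, 4 on i386);
     * syscall() places it in the register the kernel expects and traps in. */
    long n = syscall(SYS_write, fds[1], msg, len);
    ssize_t m = read(fds[0], buf, sizeof buf);   /* libc wrapper for SYS_read */
    close(fds[0]);
    close(fds[1]);

    if (n != (long)len || m != (ssize_t)len)
        return 0;
    return memcmp(buf, msg, len) == 0;
}

/* A wrapper and its raw trap answer an identical query identically. */
int wrapper_matches_trap(void)
{
    return syscall(SYS_getpid) == (long)getpid();
}

int main(void)
{
    printf("SYS_write number on this build: %d\n", (int)SYS_write);
    printf("pipe round-trip via raw syscall ok: %d\n",
           roundtrip_via_syscall("hello, kernel\n"));
    printf("getpid wrapper matches raw trap: %d\n", wrapper_matches_trap());
    return 0;
}
```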