菜鸟也玩shellcode(菜鸟也玩shellcode) [original] rookie to play shellcode Article title: [original] shellcode top rookie also released the most lonely invincible: 2004-12-2808:15 landlord [[original] rookie playing shellcode Article author: Invincible most lonely [EST] Source: Evil octal information security team Source: hacker X Files X file on the previous period, I wrote a rookie, but also to write exploit, which describes the location of the overflow point, as well as the preparation of exploit. It's all a rookie thing, and I don't know if my readers have learned something. This time I have brought you an overflow of articles, mainly for everyone to introduce some rookie level shellcode prepared. As we all know, the preparation of shellcode is need a lot of programming skills but also familiar with the underlying operating system knowledge, so we still have to use others to write shellcode (don't hit me, you see my title: "play" instead of "writing"). In other words, we are trying to transform an expert into good writing and shellcode to be his own stuff. Manual articles First of all, we have to prepare our "main course" - shellcode. I found a couple of shellcode on . Look at the one below: [BITS32] Global_start _start: LCaller: CallLLoadFunctions LDataSegment: Economy; DD "CMD"" Dd0x79c679e7; closesocket 12 Dd0xe5; accept 16 Dd0xe92eada4; listen 20 Dd0xc7701aa4; bind 24 Dd0xadf509d9; WSASocketA 28 Dd0x3bfcedcb; WSAStartup 32 . . . . . . . LBind: Pushedi Pushedi Pushdword0x; port8721 Movesi, ESP Pushbyte0x10; length Pushesi Pushebx Call[ebp+24] . . . . . . . I just listed some of the key code, complete code, see the cd. This is pilation of the bindshell, which can bind a cmdshell to any local port. All we have to do is to write the above code in shellcode form. The first mosquito I that lie Kou straw industry ushdword0x; port8721 This is the bound port, for example, we want to bind 1234 ports, then the first 1234 to sixtee
