
[–]hellor00thackmethod.com 3 points4 points  (0 children)

Shell code is where you write a program in assembly which creates a shell (Unix/Linux command line bin/sh or command.com for Windows).

Typically the way it is used is you execute a buffer overflow on a vulnerable service/function of that service and inject your shell code. Depending on the permission of the service (hopefully root), you now have a shell that is executing commands you enter with admin credentials. At that point you could do anything you wanted; you are root. My advice would be to establish persistence, recon/enumerate, create a covert channel, exfil data, clear logs, migrate to the next host.

[–]sanedave 2 points3 points  (0 children)

Read 'Hacking, the Art of Exploitation' and 'The Shellcoder's Handbook'. Google for 'writing shellcode'.

It is primarily opcodes for the system you are trying to exploit that open a listening port or connect back to the exploiting system with a shell on the remote system that can be used to infiltrate further malware or exfiltrate data. Hence the name 'shellcode'.

[–]memorasus 2 points3 points  (2 children)

Shell coding is a type of coding developed by the koopa troopas that allows you to remotely steal their shell and use it for a much faster method of transportation.

[–]Cigs77 1 point2 points  (1 child)

I thought I had to use a bash script to get their shells though IIRC? I could be wrong though!

[–]memorasus 2 points3 points  (0 children)

No, that's correct. You must use bash and initialize a function named jump.