
Talk:Shellcode

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by SkyLined (talk | contribs) at 17:04, 29 February 2008 (Links to tutorials?). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Article's accuracy?

This article is inaccurate. 'Shellcodes' are assembly-language programs which execute shells. They are typically inserted via techniques such as stack overflows, heap overflows, and format string attacks.

The shellcode itself does not exploit anything; it is simply a payload.

I'd be happy to take a first cut at rewriting this article, but a major rewrite is in order IMO, and I'm not sure what rules of etiquette apply here.

Econrad

What do you mean by "and I'm not sure what rules of etiquette apply here."? Make the changes that you find are needed, and everyone will be happy, including the author :b! 193.11.232.248 21:19, 6 Sep 2004 (UTC)

First attempt at cleanup

OK, I took my first shot at cleanup. I fixed the incorrect information.

Much material belonged in buffer_overflow, and was better covered there, so I deleted those sections.

This isn't perfect by any means, but is a good start IMO. Any/all comments welcome.

I plan to add more details on specific shellcodes (such as the Aleph One shellcode) at some point.

Econrad 00:37, 20 Sep 2004 (UTC)

Major overhaul needed

When I read this, I thought there was a lot of irrelevant information that had nothing to do with shellcode directly and had more to do with specific exploit types or computer architectures. I want to try and focus the article purely on shellcodes and how they relate to computer security in general.

I will remove any material that should be in other places and try to replace it with concise and relevant links.


Tompsci 13:45, 21 December 2005 (UTC)

Cracker

I think the use of the word "cracker" is wrong here, perhaps "attacker", "intruder" or similar. My point is that the person exploiting the system might not be a malicious "blackhat/cracker", but might as well be a penetration tester, system administrator, software developer...

Is it really necessary to have all the links to tutorials for writing shellcode? The world does have enough script kiddies, and it is not really required to understand the concept. --Qdr 21:05, 17 December 2006 (UTC)

I think so. The only way to really understand how to defend against a security exploit is to understand it. --JD

Major overhaul

I've rewritten the page and added more information about alphanumeric/printable/unicode shellcode. I'd like to see more information on:

  • Shellcode writing for different processors/operating systems/service packs.

(I can add a lot about win32 shellcode, but my *nix shellcode is a bit rusty and I've never done anything other than IA32)

  • Platform spanning shellcode

(Runs on multiple OSes/processor types).

  • Egghunt shellcode

(Shellcode consists of small code that scans the process' memory (hunt) for a larger shellcode (egg) that does the actual work. When found, the egg is executed. This is often used when a larger shellcode can be injected, but is hard to execute immediately and a smaller shellcode would be easier to inject and execute as well.)

  • Omelette shellcode

(Shellcode consists of small code that scans the process' memory for more small pieces of shellcode (eggs) that are combined to form the original shellcode (omelette), which is executed. This can be used when a large shellcode cannot be injected as a whole, but can be injected in multiple smaller parts.)

  • Multi-stage shellcode

(Shellcode downloads and executes a larger second stage shellcode - used when second stage shellcode itself is too large to be injected immediately.)

SkyLined (talk) 17:04, 29 February 2008 (UTC)