Hello, aspiring ethical hackers. In our previous article, you learnt everything about a payload. In this article, you will learn what shellcode is.
What is Shellcode?
In hacking, shellcode is a small piece of code that is used as a payload during exploitation of a vulnerability. What differentiates it from a payload in general is that shellcode is commonly written in machine or assembly language. It is known as shellcode because it commonly starts a command shell on the target machine.
Let’s see what shellcode is. For this we are using Kali Linux, but you can use any operating system that can run C programs and the related compilers. Kali Linux has the GCC compiler installed by default. Here, I write a simple C program that prints “Hello world”.
Then I compile this C program using gcc as shown below and check its result.
The program works fine. The GCC compiler also allows us to view the program in assembly code format with the “-S” option.
Running this command creates a new file with the same name but with a “.s” extension (test.s in our case). Opening that file with any text editor reveals the shellcode of that particular program as shown below.
Types of Shell code
There are different types of shell code in hacking. They are:
1. Remote shellcode:
Remote shell code is used by hackers while targeting a remote machine. This is usually done by exploiting vulnerable software on the target machine to get a shell back.
2. Local shell code:
This type of shell code is used on a local system to which the hacker already has access. It is usually used when the hacker has limited privileges on the target system but can exploit a vulnerability in software to elevate privileges.
3. Download and execute shell code:
This type of shell code, instead of spawning a shell, downloads another payload and executes it on the target system.
4. Staged shell code:
This type of shell code is used when the amount of data that can be injected into a process or software is limited. This shell code downloads additional shellcode and executes it on the target software or system.