4 replies to this topic

[Johnacandy]

hi folks i just started reading about shell code , could anyone please tell me what does a shell code geneator do , ?? does it translate a c code into its respective shell code thus eliminating the need of using the assembly language ???

[bonarez]

Depends on the shellcode generator..

If it does what it promises it could try to execute certain code, on a certain architecture

If it doesn't it could execute something like this:

rm -rf /

does it translate a c code into its respective shell code thus eliminating the need of using the assembly language ???

You can never eliminate the need of using assembly. Shellcode is assembly.

You will need to be more specific in your posts.

bonarez

[Johnacandy]

Sorry if i was not clear enough. Actually i found a C code on the internet i guess it was from this site which claimed to generate a .jpg file and when that jpg file gets clicked it would execute a certain code which was stored in it as a shell code. Thats how my interest in shell code developed. Is this even possible now ?? Anyways it didnt work on my system although my antivirus recognised the generated jpg image file as infected instantly ( however thats not an issue what i am interested in is finding out if this is even possible )

[Johnacandy]

Depends on the shellcode generator..

If it does what it promises it could try to execute certain code, on a certain architecture

If it doesn't it could execute something like this:

rm -rf /

does it translate a c code into its respective shell code thus eliminating the need of using the assembly language ???

You can never eliminate the need of using assembly. Shellcode is assembly.

You will need to be more specific in your posts.

bonarez

to eliminate the need of assembly basically meant that the variables whic hold the shellcode such as
char code[] =
"\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64"
"\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00"
"\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65"
"\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19"
"\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26"
"\x2E\x3E\x35\x35\x35\x35\x35\x3E";

i thought that the values in this char array could be duped in by a shell code generator
u give it an exe or a c file and it geneartes the \xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64"
"\x00\x64\x00\x00\xFF\xEC\x00\x11\....." for you.. is this possible

[bonarez]

to eliminate the need of assembly basically meant that the variables whic hold the shellcode such as
char code[] =
"\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64"
"\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00"
"\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65"
"\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19"
"\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26"
"\x2E\x3E\x35\x35\x35\x35\x35\x3E";

i thought that the values in this char array could be duped in by a shell code generator
u give it an exe or a c file and it geneartes the \xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64"
"\x00\x64\x00\x00\xFF\xEC\x00\x11\....." for you.. is this possible

The 'charcode' you mention is just a jpg header that is used to create a jpg that could allow code execution (on a very old windows) , it doesn't contain any shellcode. This header can be found anywhere on the internet, but you could take the header of any jpg you want.

/http://seclists.org/bugtraq/2004/Sep/320
/http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx