Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Shellcode
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Platforms== Most shellcode is written in [[machine code]] because of the low level at which the vulnerability being exploited gives an attacker access to the process. Shellcode is therefore often created to target one specific combination of [[Central processing unit|processor]], [[operating system]] and [[service pack]], called a [[Platform (computing)|platform]]. For some exploits, due to the constraints put on the shellcode by the target process, a very specific shellcode must be created. However, it is not impossible for one shellcode to work for multiple exploits, service packs, operating systems and even processors.<ref name="Eugene_2001">{{cite web |title=Architecture Spanning Shellcode |author=eugene |publisher=Phrack Inc. |work=Phrack |date=2001-08-11 |volume=0x0b |issue=57 |id=#0x0e of 0x12 |url=http://www.phrack.org/issues.html?issue=57&id=14#article |access-date=2008-02-29 |url-status=live |archive-url=https://web.archive.org/web/20211109173710/http://phrack.org/issues/57/14.html#article |archive-date=2021-11-09}}</ref><ref name="Nemo_2005">{{cite web |title=OSX - Multi arch shellcode. |author=nemo |work=[[Full disclosure (mailing list)|Full disclosure]] |date=2005-11-13 |url=https://seclists.org/fulldisclosure/2005/Nov/387 |access-date=2022-05-26 |url-status=live |archive-url=https://web.archive.org/web/20220526191616/https://seclists.org/fulldisclosure/2005/Nov/387 |archive-date=2022-05-26}}</ref><ref name="Cha-Pak-Brumley-Lipton_2010">{{cite conference |title=Platform-Independent Programs |author-first1=Sang Kil |author-last1=Cha |author-first2=Brian |author-last2=Pak |author-first3=David |author-last3=Brumley |author-link3=David Brumley |author-first4=Richard Jay |author-last4=Lipton |author-link4=Richard Jay Lipton |conference=Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10) |location=Chicago, Illinois, USA |date=2010-10-08 |orig-date=2010-10-04 |publisher=[[Carnegie Mellon University]], Pittsburgh, Pennsylvania, USA / [[Georgia Institute of Technology]], Atlanta, Georgia, USA |isbn=978-1-4503-0244-9 |doi=10.1145/1866307.1866369 |pages=547β558 |url=https://softsec.kaist.ac.kr/~sangkilc/papers/cha-ccs10.pdf |access-date=2022-05-26 |url-status=live |archive-url=https://web.archive.org/web/20220526153147/https://softsec.kaist.ac.kr/~sangkilc/papers/cha-ccs10.pdf |archive-date=2022-05-26}} [https://web.archive.org/web/20220526182333/http://users.ece.cmu.edu/~sangkilc/papers/ccs10-cha.pdf] (12 pages) (See also: [https://security.ece.cmu.edu/pip/index.html])</ref> Such versatility is commonly achieved by creating multiple versions of the shellcode that target the various platforms and creating a header that branches to the correct version for the platform the code is running on. When executed, the code behaves differently for different platforms and executes the right part of the shellcode for the platform it is running on.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)