shellcode


Also found in: Wikipedia.

shellcode

Malware programming code that is injected covertly into the computer. The term originated from code that activates a command shell to exploit the computer (see command processor) but may refer to any machine language embedded in data that is used to compromise either the local machine or a remote machine. "English shellcode" intersperses bits and pieces of command statements within a large segment of normal English text. The pieces are decoded into formal shell commands by a Trojan. See shell script.
References in periodicals archive ?
An exploit for MS17-010 written in Python with example shellcode.
This type of honeypot records the attack and its respective shellcode, offering little information about the attack to determine the cause or the mechanisms used.
Mike's extensive experience spans nearly 15 years of infosec-related R&D, during which he has published contributed to the titles "Hacking Exposed Mobile 1st Edition," "Hacking Exposed 7th Edition" and "Sockets, Shellcode, Porting & Coding.
Kaspersky Lab experts discovered two kinds of exploits in total, with differences in shellcode (a small piece of code used as the payload when exploiting a software vulnerability).
It seems that no exploit, shellcode or nasty payload are inside.
We propose a technique to differentiate a normal executable from a shellcode, which can be implemented in streaming mode analysis.
lt;p>Miller's attack doesn't actually pop up shellcode -- the basic software attackers use as a stepping stone to launch their own programs on a hacked machine -- but it lets him control the instructions that are within the phone's processor.
From understanding and writing shellcode to using format strings, Nessus code and more, WRITING SECURITY TOOLS AND EXPLOITS is a guide no code programmer can live without.
Chapters discuss assembly and shellcode, stack exploits, heap exploits, format string exploits, and security coding.
Another possible future technique to be aware of is polymorphic shellcode exploit attacks.
Lynn, "The holy grail: Cisco IOS shellcode and exploitation techniques," in Proc.
Sockets, Shellcode, porting & coding; reverse engineering exploits and tool coding for security professionals.