Shellcode

Shellcode is executable code intended to be used as a payload for exploiting a software vulnerability. The term includes "shell" because it originally described an attack that opens a command shell that the attacker can use to control the target machine, but any code that is injected to gain access that is otherwise not allowed can be called shellcode. For this reason, some consider the name shellcode to be inaccurate.

An attack commonly injects data that consists of executable code into a process before or as it exploits a vulnerability to gain control. The program counter is set to the shellcode entry point so that the shellcode runs. Deploying shellcode is often accomplished by including the code in a file that a vulnerable process downloads and then loads into its memory.

Common wisdom dictates that to maximize effectiveness, a shellcode payload should be small. Writing shellcode directly in machine code provides the flexibility needed to accomplish this goal: shellcode authors choose instructions with short encodings to keep the payload compact.