The first stage of Project Shellcode aims to become the knowledge base for all shellcode-related resources, including white papers, tutorials, tools, links, assembly code, and of course shellcode.

This will allow the community to submit their own shellcode and shellcode-related resources to the project so that they are available for others to use and learn from, and to extend their own knowledge and skills by gaining access to new materials and previously unreleased shellcode. It also creates a bridge that lets those new to shellcoding use the resources at hand to advance their skills, so that they too can contribute their own work as they progress.

The second stage of Project Shellcode aims to develop into a "Shellcode Development Framework".

This framework will provide modular code based on new and existing shellcode techniques. It will give shellcoders an easy-to-use interface that lets them take advantage of existing code modules to create new and exciting shellcode, as well as develop their own modules that can be incorporated into the framework. This modular design will allow code modules to be tuned and extended as improved techniques are revealed, and new modules to be created as new technologies and security improvements are released, so the possibilities for shellcode are endless.

So create yourself an account now and join the Project Shellcode Community.

Shellcode Tutorial 8: Introduction to Networking - Connectback Shellcode


Introduction

This tutorial takes shellcode to the next level, where your shellcode will make a connection from the victim machine back to the attacker. This shellcode is very similar to the “Port Bind” shellcode in the previous tutorial, with a few relatively small changes to allow your shellcode to connect back to the attacker. This time the attacker’s machine will also use netcat to set up a listener for the shellcode to connect back to, so that a remote command prompt can be accessed.

Shellcode Tutorial 7: Introduction to Sockets - Portbind Shellcode


Introduction

This tutorial provides an introduction to network shellcode. The shellcode shows how to load libraries dynamically and find functions within those libraries. It then proceeds to implement the "Port Bind" shellcode, where a listening socket is set up to connect remote attackers to a local command prompt.

A lot of the code was pulled and learned from the following awesome paper with some slight modifications.

    - http://www.hick.org/code/skape/papers/win32-shellcode.pdf

Shellcode Tutorial 6: Dynamic Shellcode


Introduction

Up until now we have created shellcode containing hardcoded Windows function addresses. Hardcoding memory addresses restricts the shellcode to running on a specific version of Windows, service pack, and potentially even patch level. Well, that stops here!

This tutorial will provide you with the required functions and assembly code to dynamically locate the memory addresses for the Windows functions that you want to call in your shellcode.


Our Aim

Shellcode Tutorial 5: Function Hash Generation


Introduction

In the previous tutorials we have always had hardcoded addresses pointing to Windows functions that we wanted to call. This prevents the shellcode from being executable on multiple Windows operating systems, service packs, or even differing patch levels.

This tutorial is the first step in moving towards a more dynamic Windows shellcode structure that will be executable on multiple Windows operating system versions, service packs, and patch levels.

Shellcode Tutorial 3: Windows Command Execution Shellcode


Introduction

This tutorial is simply an extension of the first tutorial; however, instead of creating shellcode that simply sleeps for five seconds, it calls the WinExec function to create a new administrative user on the victim system. This tutorial also teaches you how to define and locate string constants, in this case the command string that you want to execute. We will also exit the process cleanly so that a core dump is not created.

Some of this tutorial was based on information pulled from http://www.vividmachines.com/shellcode/shellcode.html.

Shellcode Tutorial 4: Message Box Shellcode


Introduction

This tutorial teaches you some handy tricks when creating shellcode, such as how to load libraries, dynamically locate Windows functions, define and locate string constants, and call Windows functions. This sets you up to start creating your own shellcode.

Some of this tutorial was based on information pulled from http://www.vividmachines.com/shellcode/shellcode.html.


Our aim

The aim of our shellcode will be to display a Windows dialog box containing a custom message.


What function do we need to call?

Shellcode Tutorial 2: My First Simple Shellcode


Introduction

This tutorial teaches you the basics of shellcoding, including finding function addresses in Windows DLLs, simple assembly, how to compile ASM code, and how to execute your shellcode to see if it works. We will be creating the simplest shellcode, which sleeps for five seconds and then exits.

Some of this tutorial was based on information pulled from http://www.vividmachines.com/shellcode/shellcode.html.


How to find function addresses in Windows DLLs

Shellcode Tutorial 1: Introduction and Tools Setup


Introduction

The assembly tutorials contained within this site are aimed at getting you ready to create your own assembly and shellcode, which would hopefully be included with the "Project Shellcode Development Framework".


What are the differences between Windows shellcode and Linux shellcode?
(http://www.vividmachines.com/shellcode/shellcode.html)

Shellcode Tutorials

The following are tutorials on how to write shellcode, for beginners through to advanced. These tutorials are continually being expanded, so make sure to check back to stay up to date with the latest tutorials.

Shellcode Tutorial 1: Introduction and Tools Setup
    Gives an intro into shellcode and steps you through setting up your environment.

Shellcode Tutorial 2: My First Simple Shellcode
    Steps you through creating and testing very simple shellcode.

Shellcode Downloads

The following versions of "Reverse DNS Tunneling Shellcode" are available for download:

Latest:
Reverse DNS Tunneling Shellcode v0.12 :: reverse-dns-shellcode-v0.12.tgz

Archive:
Reverse DNS Tunneling Shellcode v0.3 :: reverse-dns-shellcode-v0.3.tgz

