Monday, September 22, 2008

Shellcode Testing

I was working on an exploit last week that was having a problem. At one point, I thought it might have been the shellcode I was using, so I started looking for some old C code I had for testing to make sure shellcode actually ran. It was nowhere to be found, so I turned to Google and found the following blog, which had C code and an interesting use for it: analyzing shellcode seen in malicious websites. The author extracted the shellcode from the page, put it in this C code, compiled it and ran it through OllyDbg for analysis. SIDE NOTE: Immunity has released an updated, more powerful version of Olly as the free Immunity Debugger.

While the author did all this on Windows, the C code works fine on other operating systems. For example, I was working with it on FreeBSD and had no problems.