Last updated on 2021-05-31
Made a nice shellcode using the python [inlineEgg](http://community.corest.com/~gera/ProgrammingPearls/InlineEgg.html) library. The shellcode is designed to smash the stack of a programm which is listen on a socket. The read buffer gets overflowed by the shellcode.
The code was tested an on older SUSE9.0, because current disto use [pie](http://www.gentoo.org/proj/en/hardened/pie-ssp.xml?style=printable=) and
[ssp](http://www.research.ibm.com/trl/projects/security/ssp/)
Features:
* Python script that generates the shellcode
* Re-uses the listen socket of the victim and connects it to new shell
* Scans for correct fd and peername
* Embedded Telnet client which connects to created remote shell
* Encoder to generate polymorph shellcode
[Download](http://optixx.org/download/inlineegg_reuse_socket.tar.gz)
Comments are closed, but trackbacks and pingbacks are open.