Overview

Shellcode is widely used in many attacks that involve code injection. Writing shellcode is quite challenging. Although we can easily find existing shellcode from the Internet, to be able to write our own shellcode from the scratch is always exciting. There are several interesting techniques involved in shellcode. The purpose of this lab is to help students understand these techniques so they can write their own shellcode.

There are two main challenges in writing shellcode: one is to find out the addresses of the data used in the command, and the other is to ensure that there is no zero in the binary code. In this lab, students will see how to address these two challenges. Both amd64 and arm64 achitectures are supported in this lab.

Tasks (PDF)

• VM version: This lab has been tested on our SEED Ubuntu-20.04 VM
• Lab setup files
  • Labsetup.zip

Time (Suggested)

• Supervised (closely-guided lab session): 2 hours
• Unsupervised (take-home project): 1 week

Older Version

This lab was updated in December 2023. The changes are quite significant (supports for ARM are added). The older version can still be found here:

• Lab description: English, Spanish
• Lab setup files: Labsetup.zip

SEED Videos

• Udemy: Computer Security: A Hands-on Approach (§ 4)

SEED Books (English) (Chinese)

• Computer & Internet Security: A Hands-on Approach, 3rd edition (§ 9)
• Computer Security: A Hands-on Approach, 3rd edition (§ 9)

For ARM64 Shellcode

The code examples given in this lab description are based on the x86/x64 architectures. If you are using Apple M1/M2 machines, you can follow the instructions in this document: Writing ARM64 Shellcode (in Ubuntu).

Feedback and Help