Comments on: Create a custom shellcode using System() function https://www.gosecure.it/blog/art/452/sec/create-a-custom-shellcode-using-system-function/ MyDear(root)Shell Fri, 29 Mar 2019 13:58:33 +0000 hourly 1 https://wordpress.org/?v=5.6 By: EA https://www.gosecure.it/blog/art/452/sec/create-a-custom-shellcode-using-system-function/#comment-30748 Fri, 29 Mar 2019 13:58:33 +0000 https://www.gosecure.it/blog/?p=452#comment-30748 Would your command above work without escaping the backslashes?

]]>
By: frankgrimes https://www.gosecure.it/blog/art/452/sec/create-a-custom-shellcode-using-system-function/#comment-28500 Thu, 18 May 2017 15:50:17 +0000 https://www.gosecure.it/blog/?p=452#comment-28500 A couple of things about the assembly you used that I think could shorten it up.

I believe you can just “call ” instead of loading the address of system() in a register and calling the register.

Instead of putting the address of the top of the stack (ESP) in EDI and then pushing that to the stack, I also think you can just do a “PUSH ESP”

]]>
By: konstantinos https://www.gosecure.it/blog/art/452/sec/create-a-custom-shellcode-using-system-function/#comment-22747 Mon, 07 Dec 2015 15:03:18 +0000 https://www.gosecure.it/blog/?p=452#comment-22747 Nice post.!! Very informative!!!
i was wondering if we could use other functions except system() and winexec to accomplish the same results.

]]>