Shell Code
Shellcode is a lightweight program crafted to exploit vulnerabilities in an operating system or legitimate application. Its purpose is typically to escalate privileges or deploy a backdoor on the host when executed, often masquerading as a Trojan. Once the attacker establishes an initial foothold, the shellcode commonly initiates a network connection to retrieve additional malicious tools.
The payload of an exploit contains shellcode particular to a vulnerability. Shellcode is commonly written in machine code (the lowest-level representation of a compiled and/or assembled computer program). Shellcode types refer to how the target host responds to or behaves toward the attacking platform. All shellcode types are normally associated with an established connection (one that has completed the three-way handshake).