{"id":478988,"date":"2023-08-09T09:41:22","date_gmt":"2023-08-09T09:41:22","guid":{"rendered":""},"modified":"2023-09-05T11:17:56","modified_gmt":"2023-09-05T11:17:56","slug":"shellcode","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/cn\/wiki\/shellcode\/","title":{"rendered":"Shellcode"},"content":{"rendered":"<p>Shellcode is a type of code used in computer security to control the behavior of a targeted software program by exploiting a software vulnerability. It is called \u201cshellcode\u201d because it typically starts a command shell through which the attacker can control the system. What follows is a comprehensive introduction to this key element of cybersecurity.<\/p>\n<h2>The history of the origin of Shellcode and its first mention<\/h2>\n<p>Shellcode dates back to the early days of networked computers, when security was not understood or implemented as thoroughly as it is today.<\/p>\n<ul>\n<li><strong>Early 1980s<\/strong>: The term \u201cshellcode\u201d was most likely first coined in this period, during the initial wave of UNIX hacking.<\/li>\n<li><strong>Late 1990s<\/strong>: With the expansion of the Internet, shellcode began to be used and studied more widely, particularly as buffer overflow attacks became more common.<\/li>\n<\/ul>\n<h2>Detailed information about Shellcode: expanding the topic<\/h2>\n<p>Shellcode 
is essentially a carefully crafted series of instructions that the exploited program runs. These instructions are usually written in machine code. It is used to directly manipulate registers and operating system functions.<\/p>\n<h3>Key concepts:<\/h3>\n<ol>\n<li><strong>Buffer overflow<\/strong>: This forms the basis of many exploits that use shellcode, in which a program writes more data to a buffer than it can hold.<\/li>\n<li><strong>Exploitation<\/strong>: Shellcode can be used to manipulate a program, or even an entire system, in unauthorized ways.<\/li>\n<li><strong>Payload<\/strong>: This is the part of the code that carries out the intended malicious task, such as creating a shell.<\/li>\n<\/ol>\n<h2>The internal structure of Shellcode: how Shellcode 
works<\/h2>\n<p>Shellcode consists of two main components:<\/p>\n<ol>\n<li><strong>Loader<\/strong>: This gets the rest of the code (the payload) running. It usually sets up the environment the payload needs.<\/li>\n<li><strong>Payload<\/strong>: This is the actual malicious code that performs the action the attacker wants.<\/li>\n<\/ol>\n<h2>Analysis of the key features of Shellcode<\/h2>\n<p>Some of the main features include:<\/p>\n<ul>\n<li><strong>Small size<\/strong>: It usually has to fit into a limited space.<\/li>\n<li><strong>Position independence<\/strong>: It does not rely on specific addresses, so it can run in different environments.<\/li>\n<li><strong>No NULL bytes<\/strong>: In many cases it should not contain NULL bytes, because they terminate strings in C programs.<\/li>\n<\/ul>\n<h2>Types of Shellcode: an overview<\/h2>\n<p>Below is a list of the different types with a brief description of each:<\/p>\n<ol>\n<li><strong>Local Shellcode<\/strong>: Used in attacks on a local system.<\/li>\n<li><strong>Remote Shellcode<\/strong>: Used in attacks on a remote system.<\/li>\n<li><strong>Download and execute Shellcode<\/strong>: Downloads and executes a file.<\/li>\n<li><strong>Staged 
Shellcode<\/strong>: Delivered in stages, often used in complex exploits.<\/li>\n<\/ol>\n<h2>Ways to use Shellcode, problems, and solutions<\/h2>\n<p>Shellcode is often used in unethical hacking, but it is also a powerful tool for security researchers.<\/p>\n<h3>Problems:<\/h3>\n<ul>\n<li>Detection by modern security tools.<\/li>\n<li>Variations across different systems and environments.<\/li>\n<\/ul>\n<h3>Solutions:<\/h3>\n<ul>\n<li>Writing polymorphic or self-modifying code.<\/li>\n<li>Testing in various environments.<\/li>\n<\/ul>\n<h2>Main characteristics and comparison with similar terms<\/h2>\n<table>\n<thead>\n<tr>\n<th>Term<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Shellcode<\/td>\n<td>Code used to exploit a vulnerability in order to control a system<\/td>\n<\/tr>\n<tr>\n<td>Exploit<\/td>\n<td>A method of taking advantage of a vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Payload<\/td>\n<td>The part of an exploit that performs the desired action<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Future perspectives and technologies related to Shellcode<\/h2>\n<p>As systems become more secure, shellcode 
techniques must keep evolving as well. Future directions include:<\/p>\n<ul>\n<li><strong>Advanced evasion techniques<\/strong>: To avoid detection.<\/li>\n<li><strong>Automation and AI<\/strong>: More intelligent, adaptive shellcode.<\/li>\n<\/ul>\n<h2>How proxy servers can be used or associated with Shellcode<\/h2>\n<p>Proxy servers like OneProxy can be involved in shellcode activity in the following ways:<\/p>\n<ol>\n<li><strong>Anonymity<\/strong>: Attackers may use proxies to hide their identity.<\/li>\n<li><strong>Security research<\/strong>: Proxies can be used to study attacks, for honeypots, or to develop defenses.<\/li>\n<\/ol>\n<h2>Related links<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.owasp.org\/index.php\/Shellcode\" target=\"_new\" rel=\"noopener nofollow\">OWASP: Shellcode<\/a><\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/\" target=\"_new\" rel=\"noopener nofollow\">MITRE: Shellcode techniques<\/a><\/li>\n<li><a href=\"https:\/\/oneproxy.pro\/cn\/\" target=\"_new\" rel=\"noopener\">OneProxy: Security and anonymity solutions<\/a><\/li>\n<\/ul>\n<p>Please note that 
shellcode must be used ethically. Engaging in unauthorized hacking is illegal and unethical. Always seek proper permission and comply with all applicable laws.<\/p>","protected":false},"featured_media":478989,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-478988","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>Shellcode<\/mark>","faq_items":[{"question":"What is Shellcode and why is it called that?","answer":"<p>Shellcode is a type of code used in computer security to control the behavior of a targeted software program through exploitation of a software vulnerability. It is named \"shellcode\" because it often starts a command shell from which the attacker can control the system.<\/p>"},{"question":"What is the history of the origin of Shellcode?","answer":"<p>Shellcode originated in the early 1980s, likely during the initial wave of UNIX hacking. It became more widely used and studied in the late 1990s with the expansion of the Internet and the rise of buffer overflow attacks.<\/p>"},{"question":"How does Shellcode work, and what are its main components?","answer":"<p>Shellcode consists of two main components: the loader and the payload. 
The loader gets the payload running, often setting up the necessary environment, while the payload is the actual malicious code that performs the action the attacker wants.<\/p>"},{"question":"What are the key features of Shellcode?","answer":"<p>Key features of Shellcode include its small size, position independence (not relying on specific addresses), and the absence of NULL bytes in many instances.<\/p>"},{"question":"What types of Shellcode exist?","answer":"<p>Types of Shellcode include local shellcode (used on local systems), remote shellcode (used on remote systems), download and execute shellcode (downloads and executes a file), and staged shellcode (delivered in stages for complex exploits).<\/p>"},{"question":"What are some common problems and solutions related to Shellcode?","answer":"<p>Problems with Shellcode include detection by security tools and variations in systems. Solutions may involve writing polymorphic code and testing in various environments.<\/p>"},{"question":"How are proxy servers like OneProxy related to Shellcode?","answer":"<p>Proxy servers like OneProxy can be involved with Shellcode in providing anonymity for attackers or being used in security research, such as studying attacks or developing defenses.<\/p>"},{"question":"What are the future perspectives and technologies related to Shellcode?","answer":"<p>Future directions for Shellcode include the development of advanced evasion techniques and the use of automation and AI to create more intelligent, adaptive shellcode.<\/p>"},{"question":"Where can I find more information about Shellcode?","answer":"<p>You can find more detailed information about Shellcode at resources like <a href=\"https:\/\/www.owasp.org\/index.php\/Shellcode\" target=\"_new\">OWASP<\/a>, <a href=\"https:\/\/cve.mitre.org\/\" target=\"_new\">MITRE<\/a>, and <a href=\"https:\/\/oneproxy.pro\" 
target=\"_new\">OneProxy<\/a>.<\/p>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/cn\/wp-json\/wp\/v2\/wiki\/478988","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/cn\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/cn\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/cn\/wp-json\/wp\/v2\/wiki\/478988\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/cn\/wp-json\/wp\/v2\/media\/478989"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/cn\/wp-json\/wp\/v2\/media?parent=478988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}