Exploits and reliable shellcodes

Our mission is to provide a safe way to generate reliable shellcode. Most exploits, especially those available online, contain just a proof of concept or unreliable shellcode. If you are not downloading your exploits from a reliable source such as exploit-db.com, we strongly recommend that you generate the shellcode yourself. Many exploits on the internet contain shellcode that actually executes a backdoor on your computer, or worse.

Even when you have an exploit, it is essential to analyze its dependencies and to decide whether the shellcode needs to be generated again for that exploit.

Changing your shellcode

One excellent example is when an exploit found on exploit-db contains shellcode that does not work because the payload depends on parameters such as ports or the operating system. Such shellcode will never work in your test environment, so you will need to generate it from scratch.

A good example is this exploit, which works on Windows XP: https://www.exploit-db.com/exploits/10099/

The exploit uses a hard-coded return address that is valid for XP: RET = "\xCF\xBC\x08\x76" # 7608BCCF JMP ESP MSVCP60.dll

To use this exploit on another Windows version such as Win 7, you might need to find the correct RET address. This requires some reverse engineering and debugging.

Once you have found this information, you can use some commands to generate the shellcode; in this case, to create a bind shell.
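Before trusting byte strings embedded in a downloaded exploit, they can be inspected statically, without running anything. The following is an added example, not code from this page or from the referenced exploit: it decodes every \xNN-escaped assignment in a source text and reports its length, hash, readable strings and, for 4-byte values such as RET, the little-endian address. The function name `triage`, the regexes and the `SHELLCODE` sample bytes are assumptions constructed for illustration; only the RET line comes from the page.

```python
import hashlib
import re
import struct

# Constructed sample standing in for a downloaded exploit's source text.
# Only the RET line is from the page; SHELLCODE is inert, made-up filler.
SAMPLE_SOURCE = r'''
RET = "\xCF\xBC\x08\x76"  # 7608BCCF JMP ESP MSVCP60.dll
SHELLCODE = ("\x90\x90\x90\x90"
             "\x63\x6d\x64\x2e\x65\x78\x65\x00"
             "\x41\x42")
'''

# A top-level "NAME = ..." assignment, up to the next assignment or end of text.
ASSIGN = re.compile(r'^(\w+)\s*=\s*(.*?)(?=^\w+\s*=|\Z)', re.M | re.S)
HEX_ESCAPE = re.compile(r'\\x([0-9a-fA-F]{2})')
PRINTABLE = re.compile(rb'[\x20-\x7e]{4,}')  # ASCII runs of 4+ characters


def triage(source):
    """Decode \\xNN-escaped assignments from source text without executing it."""
    report = {}
    for name, body in ASSIGN.findall(source):
        data = bytes(int(h, 16) for h in HEX_ESCAPE.findall(body))
        if not data:
            continue  # assignment holds no escaped bytes
        entry = {
            "length": len(data),
            "sha256": hashlib.sha256(data).hexdigest(),  # for lookup or comparison
            "strings": [s.decode() for s in PRINTABLE.findall(data)],
        }
        if len(data) == 4:
            # x86 stores addresses little-endian, so the bytes read in reverse.
            entry["address"] = "%08X" % struct.unpack("<I", data)[0]
        report[name] = entry
    return report


if __name__ == "__main__":
    for name, entry in triage(SAMPLE_SOURCE).items():
        print(name, entry)
```

Readable strings such as command names, hostnames or paths in the output are the first thing to check against what the exploit claims to do.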
