1
00:00:00,640 --> 00:00:06,370
Hello, my name is Typhoon and today we are embarking on an exciting journey into the realm of cybersecurity,

2
00:00:06,370 --> 00:00:10,150
where we will unravel the intricacies of shellcode.

3
00:00:10,150 --> 00:00:18,070
And in this detailed lecture we will explore the concepts of shellcode, its purpose and its role in

4
00:00:18,070 --> 00:00:23,370
buffer overflow attacks and dissect a practical example step by step.

5
00:00:23,380 --> 00:00:33,400
So now let's delve right in. Shellcode, a term originally rooted in reverse shell creation, has a pivotal

6
00:00:33,400 --> 00:00:36,640
role in the realm of cyber exploits.

7
00:00:36,790 --> 00:00:44,380
Unlike shell scripting, which involves scripting bash commands, shellcode engages directly with a

8
00:00:44,380 --> 00:00:49,990
program's registers and functions to accomplish specific outcomes.

9
00:00:50,350 --> 00:00:56,200
Shellcode is written in assembly language and then translated into hexadecimal opcodes.

10
00:00:56,200 --> 00:01:04,610
So these opcodes interact with the program to manipulate its behavior and achieve specific goals.

11
00:01:04,610 --> 00:01:10,910
So it becomes especially relevant when exploiting vulnerabilities in software systems.

12
00:01:10,910 --> 00:01:19,310
So the complexity of the vulnerability determines the length and intricacy of the shellcode required.

13
00:01:19,310 --> 00:01:23,210
So one of the intriguing features of shellcode is its efficiency.

14
00:01:23,210 --> 00:01:30,740
So by providing tailored inputs to a program, shellcode can effectively trigger actions like spawning

15
00:01:30,770 --> 00:01:32,000
a reverse shell.

16
00:01:32,000 --> 00:01:39,470
So this efficiency makes shellcode a powerful tool for cyber attacks, and particularly in situations

17
00:01:39,470 --> 00:01:42,260
where vulnerabilities are exposed.

18
00:01:42,260 --> 00:01:48,680
And now let's delve into an illustrative example to solidify our understanding.

19
00:01:48,710 --> 00:01:52,970
Now we will open our Visual Studio Code here.

20
00:01:53,360 --> 00:01:55,430
We'll create a new file.

21
00:01:55,430 --> 00:01:57,260
And my.

22
00:01:58,420 --> 00:02:01,480
New Shellcode example.

23
00:02:01,870 --> 00:02:10,270
See here and save it on the desktop or whatever folder you like here and now.

24
00:02:10,270 --> 00:02:15,460
We will firstly write our code and then I will explain this code line by line.

25
00:02:15,460 --> 00:02:20,020
So we will include the stdio.h here.

26
00:02:21,380 --> 00:02:25,370
Um, and after that, we will create our main function.

27
00:02:26,440 --> 00:02:27,970
Other arguments here.

28
00:02:28,240 --> 00:02:30,490
Character array.

29
00:02:31,530 --> 00:02:31,890
Who?

30
00:02:35,750 --> 00:02:37,310
Zero is.

31
00:02:37,960 --> 00:02:38,560
Been.

32
00:02:40,210 --> 00:02:40,900
Been.

33
00:02:41,480 --> 00:02:42,100
Age.

34
00:02:43,520 --> 00:02:44,450
Arguments.

35
00:02:44,480 --> 00:02:46,750
One going to be null.

36
00:02:48,060 --> 00:02:50,170
And also X.

37
00:02:51,340 --> 00:02:52,720
Here we.

38
00:02:53,800 --> 00:02:54,320
execve.

39
00:02:54,400 --> 00:02:54,540
We.

40
00:02:56,100 --> 00:03:00,120
And after that been again.

41
00:03:02,370 --> 00:03:05,730
And here we will pass args again.

42
00:03:05,820 --> 00:03:09,330
And as a third parameter, we will pass null.

43
00:03:10,720 --> 00:03:21,310
And after that, here we will we have completed our code and we will just return with the zero here.

44
00:03:23,890 --> 00:03:25,360
Return zero.

45
00:03:25,630 --> 00:03:30,790
So here now I will explain this code line by line.

46
00:03:30,790 --> 00:03:37,960
And at first, at first line, this line includes the standard input output library header, enabling

47
00:03:37,960 --> 00:03:40,710
input and output operations.

48
00:03:40,720 --> 00:03:48,250
This is the main function declaration where the program execution begins from here and we have created

49
00:03:48,640 --> 00:03:58,390
an arguments array of size two is declared to hold the command line arguments and here we have arguments.

50
00:03:58,390 --> 00:03:58,840
Zero.

51
00:03:58,840 --> 00:04:05,800
This is the first element of args is assigned the path of the shell executable here.

52
00:04:05,800 --> 00:04:11,110
In this case it's /bin/sh for Linux, and args one.

53
00:04:11,110 --> 00:04:21,010
Here is the this is the second element of args is set to null, indicating the end of the argument list.

54
00:04:21,490 --> 00:04:29,590
And also we have execve or pronounce it.

55
00:04:30,400 --> 00:04:37,780
This is the this function is invoked to execute the shell /bin/sh with the provided arguments.

56
00:04:38,350 --> 00:04:41,740
So this essentially spawns a new shell process.

57
00:04:41,740 --> 00:04:46,390
And also we have return zero.

58
00:04:46,420 --> 00:04:51,370
This function returns zero, indicating successful execution.

59
00:04:51,370 --> 00:04:57,370
So this code, when compiled and modified, can be transformed into input strings usable against vulnerable

60
00:04:57,370 --> 00:04:58,270
programs

61
00:04:58,360 --> 00:04:59,910
to gain shell access.

62
00:04:59,920 --> 00:05:07,030
The exec function's role here is to execute the shell, inheriting the permissions of the target program.

63
00:05:07,030 --> 00:05:10,690
So shellcode is frequently employed in buffer overflow attacks.

64
00:05:10,690 --> 00:05:19,360
And in a sense, a buffer overflow attack occurs when a program writes data exceeding allocated memory,

65
00:05:19,390 --> 00:05:25,490
potentially leading to crashes, data overwrites or unintended code execution.

66
00:05:25,490 --> 00:05:31,070
So to conclude, shellcode is a potent tool for exploiting software vulnerabilities.

67
00:05:31,070 --> 00:05:38,990
Its direct interaction with a program's internals enables specific outcomes. Our exploration has also illuminated

68
00:05:38,990 --> 00:05:46,130
its role in buffer overflow attacks, emphasizing its significance in cybersecurity.