This is a bind TCP shellcode that opens a listening socket on 0.0.0.0, port 1337. To accomplish this, the shellcode uses the PEB method to locate the base address of the required module and the Export Directory Table to locate symbols. The shellcode also uses a hash function to resolve the required symbols dynamically, without worrying about their length.
- Author: h4pp1n3ss
- Date: Mon 10/05/2021
- Tested on: Microsoft Windows [Version 10.0.19042.1237]
This shellcode uses a couple of Windows APIs from ws2_32.dll:
int WSAStartup(
    WORD wVersionRequired,
    LPWSADATA lpWSAData
);

and

SOCKET WSAAPI WSASocketA(
    int af,
    int type,
    int protocol,
    LPWSAPROTOCOL_INFOA lpProtocolInfo,
    GROUP g,
    DWORD dwFlags
);

int bind(
    SOCKET s,
    const sockaddr *addr,
    int namelen
);

int WSAAPI listen(
    SOCKET s,
    int backlog
);

int WSAGetLastError();

SOCKET WSAAPI accept(
    SOCKET s,
    sockaddr *addr,
    int *addrlen
);
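
Added example for analysts (not part of the original shellcode and not written by its author): when shellcode resolves imports by hash, as described above, a reverse lookup table maps hash constants found in the bytes back to API names. The page does not state which hash function is used, so the ROR-13 additive hash below is an assumption, and the scanned buffer is constructed for the demonstration.

```python
import struct

# API names listed on the page (ws2_32.dll exports).
WS2_32_APIS = ["WSAStartup", "WSASocketA", "bind", "listen",
               "WSAGetLastError", "accept"]

def ror32(value, count):
    """Rotate a 32-bit value right by count bits."""
    return ((value >> count) | (value << (32 - count))) & 0xFFFFFFFF

def ror13_hash(name):
    """ASSUMED algorithm (not stated on the page): for each byte of the
    export name, rotate the accumulator right by 13 and add the byte."""
    h = 0
    for byte in name.encode("ascii"):
        h = (ror32(h, 13) + byte) & 0xFFFFFFFF
    return h

def build_lookup(names):
    """Map hash -> name, failing loudly if two names collide."""
    table = {}
    for name in names:
        h = ror13_hash(name)
        if table.setdefault(h, name) != name:
            raise ValueError(f"hash collision: {name} / {table[h]}")
    return table

def find_hashed_apis(blob, table):
    """Return (offset, name) for each little-endian dword in blob that
    matches a known hash. Every byte offset is tried because immediates
    embedded in x86 instructions are not aligned."""
    hits = []
    for off in range(len(blob) - 3):
        (dword,) = struct.unpack_from("<I", blob, off)
        if dword in table:
            hits.append((off, table[dword]))
    return hits

def constructed_sample(names):
    """Constructed test input: two filler bytes, then each name's hash."""
    return b"".join(b"\xcc\xcc" + struct.pack("<I", ror13_hash(n))
                    for n in names)

if __name__ == "__main__":
    lookup = build_lookup(WS2_32_APIS)
    for off, name in find_hashed_apis(constructed_sample(WS2_32_APIS), lookup):
        print(f"offset {off:#04x}: {name}")
```

If the sample under analysis uses a different rotation count or hash, swap `ror13_hash` for that routine and rebuild the table from the full export list of the DLL in question.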