---
title: Shellcoding Tips
categories: [cheatsheets]
tags: [security, exploitation]
---

# Shellcode

## Defeat null-bytes

`mov eax, 0` assembles with a 32-bit immediate, so its encoding contains null bytes. Instead of:

```asm
mov eax, 0
```

use:

```asm
xor eax, eax    ; clears/zeroes the register; the encoding has no null byte
```

Instead of `mov ebx, 0x00XX` (a 32-bit immediate is always four bytes, so the zero high bytes land in the encoding):

```asm
mov ebx, 0x00XX
```

load the value padded with non-zero filler bytes and shift the filler out again:

```asm
mov ebx, 0x111111XX   ; every byte of the immediate is non-zero
shl ebx, 24           ; push the filler bytes out of the register ...
shr ebx, 24           ; ... and bring the wanted byte back down: ebx = 0x000000XX
```

## Convert objdump output to a hex string of shellcode

```bash
# OBJ is the assembled object file (placeholder; the original one-liner omitted the file name)
for i in $(objdump -d "$OBJ" | grep "^ " | cut -f2); do printf '\\x%s' "$i"; done; echo
```

`grep "^ "` keeps only the instruction lines of the disassembly and `cut -f2` takes the opcode-bytes column (objdump separates the columns with tabs).

## Execute shellcode in C code

```c
/* The bytes must sit in executable memory: either mprotect() the page the array lives in
   to PROT_READ|PROT_WRITE|PROT_EXEC, or link with -z execstack on toolchains/kernels where
   that also makes .data executable. */
char shellcode[] = "H1 ....";

int main(void)
{
    int (*ret)(void) = (int (*)(void))shellcode;   /* treat the byte array as a function */
    ret();                                         /* jump into the shellcode */
    return 0;
}
```
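The objdump-to-hex conversion from the section above, combined with a check for the null bytes the first section warns about, as an added example that is not part of the original cheatsheet. The sample disassembly is constructed inline, and the function names `sample_objdump`, `objdump_to_hex` and `find_null_bytes` are my own.

```shell
# Added example (not from the original cheatsheet): the objdump-to-hex step from
# the page, plus a null-byte check, as shell functions run over a constructed sample.

# Constructed stand-in for `objdump -d shellcode.o` output (objdump separates the
# address, the opcode bytes and the mnemonic with tabs). Not a real file.
sample_objdump() {
    printf '00000000 <_start>:\n'
    printf '   0:\t31 c0                \txor    %%eax,%%eax\n'
    printf '   2:\tbb 00 00 00 00       \tmov    $0x0,%%ebx\n'
}

# Same transformation as the one-liner on the page: keep instruction lines (they
# start with a space), take the opcode-bytes field, emit each byte as \xNN.
objdump_to_hex() {
    awk -F'\t' '/^ / { n = split($2, b, " "); for (i = 1; i <= n; i++) printf "\\x%s", b[i] }
                END { print "" }'
}

# Reports the offset of every 00 byte; exit status 1 if any were found, 0 otherwise.
# A null byte anywhere in the encoding truncates shellcode copied by C string functions.
find_null_bytes() {
    awk -F'\t' 'BEGIN { off = 0; bad = 0 }
                /^ / { n = split($2, b, " ")
                       for (i = 1; i <= n; i++) {
                           if (b[i] == "00") { print "null byte at offset " off; bad = 1 }
                           off++
                       } }
                END { exit bad }'
}

sample_objdump | objdump_to_hex
sample_objdump | find_null_bytes || echo "null bytes present: rewrite the offending instruction (e.g. xor ebx, ebx)"
```

With a real object file, replace `sample_objdump` by `objdump -d shellcode.o` in the two pipelines.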