Windows Syscall Shellcode

by Piotr Bania
Sept. 25, 2017 1 comment Symantec Apps & Hardening

This article has been written to show that is possible to write shellcode for Windows operating systems that doesn't use standard API calls at all. Of course, as with every solution, this approach has both advantages and disadvantages. In this paper we will look at such shellcode and also introduce some example usage. IA-32 assembly knowledge is definitely required to fully understand this article. All shellcode here has been tested on Windows XP SP1. Note that there are variations in the approach depending on the operating system and service pack level, so this will be discussed further as we pro

https://www.symantec.com/connect/articles/windows-syscall-shellcode

Avatar
2flash 2 months, 2 weeks ago

Good presentation from Mr. Bania. Stuff like this should be read more by people interested in the evolution of IT Security.

Reply