Preface: The ShellCode running environment mentioned below is all Windows system. ShellCode also exists in other systems. If you are interested, you can search for relevant information by yourself.
What is ShellCode? Let's quote the description on Wikipedia: "ShellCode is a piece of code used to exploit software vulnerabilities. ShellCode is a hexadecimal machine code, named because it often allows attackers to obtain shells. ShellCode is often written in machine language. Since modern computer systems basically enable NX bit protection, machine code cannot be executed directly, and ShellCode can be written through return-oriented programming."
The author's understanding is: ShellCode is a piece of binary code that can run independently. You can turn a function into ShellCode and use it in another language, or you can run a program completely in the form of ShellCode. Many people may have come into contact with DLL insertion: that is, compiling a function as a DLL file, and then inserting it into another process through a remote thread to run. You can regard ShellCode as another form of DLL, but it is different from DLL: for example, there is an Office Word overflow vulnerability now, you can compile your program into ShellCode form, and then jump from the overflow point to the ShellCode entry point to run, which is something DLL cannot do, because when loading DLL through LoadLibrary, the Windows operating system will automatically load all DLLs that the DLL needs to …