Some time ago Michele blogged about the BeEF bind shellcode that Ty Miller wrote for the BeEF project. In the meantime we have committed the full source of this shellcode to the BeEF repository and it has been ported to Linux x86 and x64 as well. So, next time you find an exploitable overflow in an application, why not give BeEF Bind a try?
In contrast to "classical" bind or reverse shell shellcode, BeEF Bind makes use of Inter-Protocol Communication. This lets it be used in a very subtle way to pivot into a company's internal network by abusing a victim's hooked browser. To achieve this, our shellcode is in fact a small web server that proxies all the commands back and forth between cmd.exe and the victim's browser.
More here: http://blog.beefproject.com/2014/03/exploiting-with-beef-bind-shellcode_19.html