Malware programming code that is injected covertly into the computer. The term originated from code that activates a command shell to exploit the computer (see command processor) but may refer to any machine language embedded in data that is used to compromise either the local machine or a remote machine. "English shellcode" intersperses bits and pieces of command statements within a large segment of normal English text. The pieces are decoded into formal shell commands by a Trojan. See shell script.
Code or code fragments for various operating systems that can be pasted onto buffer overflow exploits. When crackers successfully exploit vulnerabilities such as buffer overflows, they typically open a shell at the end of the exploit. With a command-line shell, the cracker then can perform any task he or she desires. However, opening shells within buffer overflow exploits can be difficult. For this reason, crackers often maintain libraries of shellcode. Graham, R. Hacking Lexicon. [Online, 2001.] Robert Graham Website. http://www.linuxsecurity.com/resource_files/documentation/hacking-dict.html.