well, most of the time i check some exploits and i always see lines such as this one
\x5b\x31\x43\x1a\x83\xeb\xfc\x03\x43\x16\xe2\xd7\x3b\xbc\x7a
ok those are hex, but what they usually mean and what are for ?
can anyone help me understand it ?
ok i find out that it's shellcoding. any links you recommand that helps me understand shellcoding and buffer overflow ?
there was an old paper that i used to read, i think it was called "Smashing the Stack for Fun and Profit" should be usefull.

and these are simply the hex of assembly instructions that will be executed
samer wroteI recommend reading Smashing the Stack for Fun and Profit by Aleph One. It's a nice introduction to buffer overflows that first appeared in Phrack magazine.
I have followed up Aleph One stuff for almost 15 years. there is a smart guy in every sense, i highly recommend his stuff.
Indeed, those are shellcode. You will have to read the links and the book (I read it a longtime ago, I can confirm it's good) the guys referred to to get a deeper, exact, and practical understanding.
- Some shellcode basically execute syscalls (i.e. execl, setuuid) to gain a local/remote shell on a system.
- Size of shellcode matters in order to inject them (the book details the various methods to write shellcode, there are tricks to do with not using registers and save EIP on the stack)
- Shellcode may differ from OS to another ( for BSD is different than for Linux, particularly BSD doesn't push to registers iirc unlike linux )
- Some shellcode are polymorphic (google that)
- There is a 'off by one' titled paper in one of phrack issues that makes a good read too
- I forgot the process to produce shellcode, but if you're good at ASM it'll be easier. You can also write in C, compile to object code? Use a linker? NASM? I can't put it back altogether without more efforts :)
- Some keywords (jargon): EIP, EBP, ESP, linker, 'the shellcoders handbook', phrack, uid (real / virtual ), format strings, heap/buffer overflows

Happy ASM coding!