-
SLAE Assignment 5: Shellcode Analysis
Assignment five is about analyzing three different shellcodes, created with msfpayload for Linux/x86. linux/x86/exec I choosed the linux/x86/exec shellcode as first example. With: $ msfpayload linux/x86/exec cmd=”ls” R | ndisasm -u – it is possible to disassemble the shellcode: 00000000 6A0B push byte +0xb 00000002 58 pop eax 00000003 99 cdq 00000004 52 push edx…
-
SLAE Assignment 4: Custom Encoder
This one is about building a custom encoder and decoder. For this I used an insertion / XOR encoder, that splits the shellcode into bytes and inserts a random value. Further the shellcode is decoded using xor with the random value. This way, we have a shellcode, that has nothing to do with the original…
-
SLAE Assignment 3: Egghunter Demo
This assignment is about writing a working demo of an egghunter. An egghunter code is basically a piece of code that is searching for a code word (the egg) in the memory. When the egg was found, the egghunter code jumps to the address behind the egg and executes the code at this address. For…
-
SLAE Assignment 2: Reverse Shell
What it is about: • Create a Shell_Reverse_TCP shellcode – Reverse connects to configured IP and Port – Execs shell on successful connection • IP and Port should be easily configurable Here is the C code I used for prototyping the assembler code: reverseshellds.c #include <unistd.h> #include <string.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> int main(void) {…
-
SLAE Assignment 1: Bind Shell
What it is about: • Create a Shell_Bind_TCP shellcode – Binds to a port – Execs Shell on incoming connection • Port number should be easily configurable Here is the C code for the bind shell, I used it for modelling the assembler code: bindshellds.c #include <unistd.h> #include <string.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> int main(void)…
-
Welcome
This blog was created mainly for my SLAE certification. More profiles: Blog in german Twitter Xing profile GIT