I learned a lot during Securitytube Linux Assembly Expert 32-bit course and decided to create a shellcode which downloads a file from the victim machine to the attacker’s machine. I used the same Makefile for the build process I had created earlier. 1. The pseudo code of the shellcode: Create a socket Connect back to…

In the last assignment of Securitytube Linux Assembly Expert 32-bit, I had to create a custom crpyter and test it with the execve-stack shellcode. If we want to avoid AV and IDS systems, we have to transform the shellcode somehow into a non-recognizable format. AV and IDS uses pattern recognition methods to find well-known shellcodes….

In the sixth assignment of the Securitytube Linux Assembly Expert 32-bit, I had to create polymorphic versions of three shellcode from the http://shell-storm.org/shellcode/. The three shellcodes I chose are: Linux x86 chmod 666 /etc/passwd & /etc/shadow – 57 bytes Linux/x86 – sends Phuck3d! to all terminals – 60 bytes Linux/x86 iptables –flush 43 bytes Polymorphism means…

List of linux/86 related payloads can be viewed with the following command: msfvenom -l payloads | grep linux/x86 I chose the following three payload for analysis: linux/x86/shell/reverse_tcp (two staged) linux/x86/read_file linux/x86/chmod     1. linux/x86/shell/reverse_tcp I decided to analyze the two staged reverse shell. I was always curious how it works. The linux/x86/shell_reverse_tcp is the one-staged version…

The fourth assignment of the Securitytube Linux Assembly Expert 32-bit was to create a custom encoder. The AntiVirus softwares and Intrusion Detection Systems use pattern matching technique to detect and recognize well-known shellcodes. One way to avoid detection is to transform the shellcode into another, unrecognizable format. This process is called encoding. The shellcode should…

In the third assignment of the Securitytube Linux Assembly Expert 32-bit certification I had to create a working demo of an egghunter. The egghunter is a small shellcode which searches the virtual address space for a unique pattern. When the unique pattern is found, it jumps to the instruction next to the pattern and starts to execute it. The…

In the second assignment of the Securitytube Linux Assembly Expert 32-bit certification I had to create a Shell_Reverse_TCP shellcode. This is very similar to the Shell_Bind_TCP, although a little bit simpler. I used the same Makefile to ease the build process. 1. The pseudo code of the Shell_Bind_TCP Create a socket Connect to the remote port…

In the first assignment of the Securitytube Linux Asssembly Expert 32-bit, I had to create a Shell_Bind_TCP shellcode. As the shellcode development requires lots of repetitive and error prone tasks, I created a Makefile first to make my life easier. The Makefile can: compile the shellcode.asm file run the compiled shellcode debug the shellcode disassemble the…