I learned a lot during the Securitytube Linux Assembly Expert 32-bit course and decided to create a shellcode which downloads a file from the victim machine to the attacker’s machine. I used the same Makefile for the build process I had created earlier. 1. The pseudo code of the shellcode: Create a socket Connect back to…
SLAE32 – Assignment #7, Custom crypter
In the last assignment of the Securitytube Linux Assembly Expert 32-bit, I had to create a custom crypter and test it with the execve-stack shellcode. If we want to avoid AV and IDS systems, we have to transform the shellcode somehow into a non-recognizable format. AV and IDS use pattern recognition methods to find well-known shellcodes….
SLAE32 – Assignment #6, Polymorphic shellcodes
In the sixth assignment of the Securitytube Linux Assembly Expert 32-bit, I had to create polymorphic versions of three shellcodes from http://shell-storm.org/shellcode/. The three shellcodes I chose are: Linux x86 chmod 666 /etc/passwd & /etc/shadow – 57 bytes Linux/x86 – sends Phuck3d! to all terminals – 60 bytes Linux/x86 iptables --flush 43 bytes Polymorphism means…
SLAE32 – Assignment #5, Analysis of 3 Msfpayload
The list of linux/x86-related payloads can be viewed with the following command: msfvenom -l payloads | grep linux/x86 I chose the following three payloads for analysis: linux/x86/shell/reverse_tcp (two staged) linux/x86/read_file linux/x86/chmod 1. linux/x86/shell/reverse_tcp I decided to analyze the two staged reverse shell. I was always curious how it works. The linux/x86/shell_reverse_tcp is the one-staged version…
SLAE32 – Assignment #4, Custom encoder
The fourth assignment of the Securitytube Linux Assembly Expert 32-bit was to create a custom encoder. Antivirus software and Intrusion Detection Systems use pattern matching techniques to detect and recognize well-known shellcodes. One way to avoid detection is to transform the shellcode into another, unrecognizable format. This process is called encoding. The shellcode should…
SLAE32 – Assignment #3, Egghunter
In the third assignment of the Securitytube Linux Assembly Expert 32-bit certification I had to create a working demo of an egghunter. The egghunter is a small shellcode which searches the virtual address space for a unique pattern. When the unique pattern is found, it jumps to the instruction next to the pattern and starts to execute it. The…
SLAE32 – Assignment #2, Shell_Reverse_TCP
In the second assignment of the Securitytube Linux Assembly Expert 32-bit certification I had to create a Shell_Reverse_TCP shellcode. This is very similar to the Shell_Bind_TCP, although a little bit simpler. I used the same Makefile to ease the build process. 1. The pseudo code of the Shell_Bind_TCP Create a socket Connect to the remote port…
SLAE32 – Assignment #1, Shell_Bind_TCP
In the first assignment of the Securitytube Linux Assembly Expert 32-bit, I had to create a Shell_Bind_TCP shellcode. As the shellcode development requires lots of repetitive and error-prone tasks, I created a Makefile first to make my life easier. The Makefile can: compile the shellcode.asm file run the compiled shellcode debug the shellcode disassemble the…
- This blog is dedicated to my research and experimentation on ethical hacking. The methods and techniques published on this site should not be used to do illegal things. I do not take responsibility for acts of other people.