terça-feira, 30 de maio de 2023

Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter, is getting hardcoded values which is probably an API name:


In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.


Continue reading
  1. Hacking Tools For Pc
  2. Pentest Tools Alternative
  3. Kik Hack Tools
  4. Hacker Tools Hardware
  5. Pentest Tools Linux
  6. Hack Tools For Pc
  7. Pentest Tools For Android
  8. Hacker Tools Free
  9. Top Pentest Tools
  10. Pentest Tools For Windows
  11. Ethical Hacker Tools
  12. Hack And Tools
  13. Hacking Tools Kit
  14. Hacking Tools Usb
  15. Hack Tools For Games
  16. Hacking Tools
  17. What Is Hacking Tools
  18. Pentest Tools Apk
  19. Hack Tools Download
  20. Easy Hack Tools
  21. Usb Pentest Tools
  22. New Hacker Tools
  23. Pentest Tools For Ubuntu
  24. Hacker Tools Linux
  25. Wifi Hacker Tools For Windows
  26. Hack Tool Apk No Root
  27. Hacks And Tools
  28. Hacking Tools Github
  29. Pentest Tools Website Vulnerability
  30. Pentest Tools Website Vulnerability
  31. Hack Tools
  32. Pentest Tools Alternative
  33. Pentest Tools Bluekeep
  34. Pentest Tools Online
  35. Pentest Tools For Android
  36. Hacker Tools Software
  37. Ethical Hacker Tools
  38. Hack Tools Download
  39. Pentest Box Tools Download
  40. Pentest Tools Port Scanner
  41. Install Pentest Tools Ubuntu
  42. Tools For Hacker
  43. Hacker Tools Windows
  44. Hacking Tools For Pc
  45. Black Hat Hacker Tools
  46. Pentest Tools For Windows
  47. Pentest Tools Find Subdomains
  48. Pentest Tools Download
  49. Hak5 Tools
  50. Best Hacking Tools 2019
  51. Hacking Tools For Beginners
  52. Nsa Hack Tools
  53. How To Hack
  54. How To Make Hacking Tools
  55. Hacker Techniques Tools And Incident Handling
  56. Pentest Tools Github
  57. Pentest Tools Apk
  58. Computer Hacker
  59. Blackhat Hacker Tools
  60. Hacking Tools For Games
  61. Hack App
  62. Hacking App
  63. Hack Website Online Tool
  64. Hacking Tools Windows 10
  65. Hacking Tools Pc
  66. Hacking Tools Pc
  67. Hacker Techniques Tools And Incident Handling
  68. Hacker Search Tools
  69. Bluetooth Hacking Tools Kali
  70. How To Make Hacking Tools
  71. Pentest Tools For Mac
  72. Hack Tools Pc
  73. Black Hat Hacker Tools
  74. Hack Tools 2019
  75. Hacking Tools Kit
  76. Hacking Tools For Beginners
  77. Hacking Tools Mac
  78. Pentest Tools Find Subdomains
  79. Hacking Tools
  80. Hacking Tools Online
  81. Hacking Tools For Mac
  82. Hacker Tools 2020
  83. Pentest Tools Url Fuzzer
  84. Hacking Tools Online
  85. Hacker Hardware Tools
  86. Pentest Tools For Ubuntu
  87. Termux Hacking Tools 2019
  88. Hack Tools For Pc
  89. Easy Hack Tools
  90. Physical Pentest Tools
  91. Pentest Tools Website Vulnerability
  92. Hack Tools
  93. Tools For Hacker
  94. Best Hacking Tools 2020
  95. Pentest Tools For Mac
  96. Hacker Hardware Tools
  97. Hack Tools Github
  98. Hack Tools
  99. Pentest Tools Subdomain
  100. Pentest Tools Android
  101. Hack Tools For Pc
  102. Hack Tools 2019
  103. Hacker Techniques Tools And Incident Handling
  104. Hacking Tools Usb
  105. Hacking Tools 2019
  106. Hack Tool Apk
  107. Github Hacking Tools
  108. Pentest Tools
  109. Kik Hack Tools
  110. Hacker Tools For Mac
  111. What Are Hacking Tools
  112. Hacking Apps
  113. Pentest Tools List
  114. Pentest Tools Find Subdomains
  115. Hack Tools Github
  116. Install Pentest Tools Ubuntu
  117. What Is Hacking Tools
  118. Pentest Tools Free
  119. Kik Hack Tools
  120. Hacker Tools Free
Postado por às

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)