Sunday, January 28, 2024

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, yielding IOCs such as where the shellcode connects. But what can we do when the emulation gets stuck at some point?

The console offers many tools for interacting with the emulator as if it were a debugger, but the shellcode is not actually being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


With some shellcodes the emulator runs millions of instructions without a problem, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that the value 0xffffffff is set at position 174.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero to 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is being loaded with hardcoded values, which are probably an API name.


In this case the shellcode depends on previous state and also crashes in the debugger because of the register values. This is just an example of how to proceed when a shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.
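The same root-causing workflow (break on the memory write, then trace the register that fed it) as a toy model. This is an added example, not scemu code or anything from the shellcode: the three-opcode instruction set, the program and the addresses are all constructed for illustration.

```python
# Toy model, constructed for illustration: a three-opcode interpreter with a
# write watchpoint and a register trace. Not scemu code, not real x86.
MASK32 = 0xFFFFFFFF

# Constructed program; positions are 1-based like an instruction counter.
PROGRAM = [
    ("mov_reg", "eax", 0),           # 1: eax = 0
    ("mov_reg", "ebx", 0x1234),      # 2: unrelated work
    ("dec", "eax"),                  # 3: 0 - 1 wraps to 0xffffffff
    ("store", 0x30, "eax"),          # 4: [esp + 0x30] = eax
    ("mov_reg", "eax", 0x41414141),  # 5: eax reused for a hardcoded value
]

def run(program, esp, watch_addr, traced_reg):
    """Return (write_hits, reg_history).
    write_hits:  [(position, old, new)] for writes to watch_addr
    reg_history: [(position, value)] whenever traced_reg changes
    """
    regs = {"eax": 0xDEADBEEF, "ebx": 0}
    mem, hits, history = {}, [], []
    for pos, ins in enumerate(program, start=1):
        before = regs[traced_reg]
        op = ins[0]
        if op == "mov_reg":
            regs[ins[1]] = ins[2] & MASK32
        elif op == "dec":
            regs[ins[1]] = (regs[ins[1]] - 1) & MASK32  # 32-bit wraparound
        elif op == "store":
            addr = (esp + ins[1]) & MASK32
            if addr == watch_addr:                       # write watchpoint
                hits.append((pos, mem.get(addr, 0), regs[ins[2]]))
            mem[addr] = regs[ins[2]]
        else:
            raise ValueError(f"unknown op {op!r}")
        if regs[traced_reg] != before:
            history.append((pos, regs[traced_reg]))
    return hits, history

def root_cause(hits, history, bad_value):
    """Positions of the store of bad_value and of the instruction that made it."""
    store_pos = next(p for p, _, new in hits if new == bad_value)
    origin = max(p for p, v in history if v == bad_value and p < store_pos)
    return store_pos, origin

if __name__ == "__main__":
    esp = 0x22F000  # constructed stack pointer
    hits, history = run(PROGRAM, esp, esp + 0x30, "eax")
    print(hits, history, root_cause(hits, history, 0xFFFFFFFF))
```

The watchpoint alone only identifies the store; pairing it with the register history is what points back to the earlier instruction that produced the value.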

