All posts about #shellcode



SLAE64 - Crypter

The seventh and final assignment of the SLAE64 exam states:

  • Create a custom crypto like the one shown in the "crypters" video
  • Free to use any existing encryption schema
  • Can use any programming language

Initially I wanted to use the Tiny Encryption Algorithm but decided against it and instead chose …




SLAE64 - Polymorphic shellcode

The sixth assignment of the SLAE64 exam states:

  • Take up to 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat pattern matching
  • The polymorphic versions cannot be larger than 150% of the original shellcode
  • Bonus points for making it shorter in length than original

When researching polymorphism …




SLAE64 - Metasploit analysis

The fifth assignment of the SLAE64 exam states:

  • Take up at least 3 shellcode samples created using Msfvenom (née Msfpayload) for linux/x86_64
  • Use GDB to dissect the functionality of the shellcode
  • Document your analysis

One thing that immediately stands out is the relative lack in diversity when it comes …




SLAE64 - Custom Encoder

The fourth assignment of the SLAE64 exam states:

  • Create a custom encoding scheme like the "insertion encoder" we showed you
  • PoC with using execve-stack as the shellcode to encode with your schema and execute

For this assignment I wrote a script which supports two encoders and it can also help …




SLAE64 - Egg Hunter

The third assignment of the SLAE64 exam states:

  • Study about the Egg Hunter shellcode
  • Create a working demo of the Egg Hunter
  • It should be configurable for different payloads

I for one had not heard before of the concept of an egg hunter so a little searching around led me …




SLAE64 - Reverse TCP shellcode

The second assignment of the SLAE64 exam states:

  • Create a Shell_Reverse_TCP shellcode:
    • Reverse connects to configured IP and port
    • Needs a "passcode"
    • If passcode is correct then execute a shell
  • Remove 0x00 from the Reverse TCP shellcode discussed in the course

Reverse TCP shellcode

This is quite a lot simpler …




SLAE64 - Bind TCP shellcode

The first assignment of the SLAE64 exam states:

  • Create a Shell_Bind_TCP shellcode:
    • Binds to a port
    • Needs a "passcode"
    • If passcode is correct then execute a shell
  • Remove 0x00 from the Bind TCP shellcode discussed in the course

Shell Bind TCP shellcode

The first assignment is to create a shell …