Jumat, 02 Juni 2023

Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter, is getting hardcoded values which is probably an API name:


In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.


More information
  1. Best Hacking Tools 2019
  2. Hacker Tools Github
  3. What Are Hacking Tools
  4. Android Hack Tools Github
  5. Nsa Hack Tools Download
  6. Hacking Tools Windows
  7. Pentest Tools Kali Linux
  8. Android Hack Tools Github
  9. New Hack Tools
  10. Growth Hacker Tools
  11. Pentest Tools Alternative
  12. Pentest Recon Tools
  13. Hack Tools For Pc
  14. Pentest Tools List
  15. Hacking Tools Windows 10
  16. Pentest Tools Website Vulnerability
  17. Install Pentest Tools Ubuntu
  18. Hack App
  19. Nsa Hacker Tools
  20. Hacker Hardware Tools
  21. Pentest Tools Website
  22. Pentest Tools Apk
  23. Hacker Techniques Tools And Incident Handling
  24. Hacker Tools Online
  25. Hacker Hardware Tools
  26. Hacking Tools For Windows 7
  27. Pentest Tools For Ubuntu
  28. Pentest Tools Url Fuzzer
  29. Hack Tools For Games
  30. Pentest Tools Online
  31. Hacking Tools Mac
  32. Hacking Tools For Windows 7
  33. Github Hacking Tools
  34. Wifi Hacker Tools For Windows
  35. Pentest Recon Tools
  36. Pentest Tools
  37. Hacking Tools Usb
  38. Tools Used For Hacking
  39. Pentest Tools Apk
  40. Nsa Hack Tools Download
  41. Hacking Tools For Windows Free Download
  42. Hacking Tools Name
  43. Hack Tools For Mac
  44. Pentest Tools Find Subdomains
  45. Hack Tools For Games
  46. Hacker Tools List
  47. Blackhat Hacker Tools
  48. Hacker Tools 2020
  49. Tools For Hacker
  50. Hacker Tools Free Download
  51. Game Hacking
  52. Pentest Tools Alternative
  53. Hacker Tools List
  54. Pentest Tools Download
  55. Hack Rom Tools
  56. Hack Tools For Pc
  57. Hacker Tools For Mac
  58. Hacking Tools For Windows Free Download
  59. Hacking Tools Github
  60. Hack Tools
  61. Hacking Tools For Kali Linux
  62. Termux Hacking Tools 2019
  63. Hacking Tools For Beginners
  64. Hack Tools Mac
  65. Pentest Tools Url Fuzzer
  66. Pentest Tools Download
  67. Hacking Tools For Games
  68. Hack Tools Mac
  69. What Are Hacking Tools
  70. Hacker
  71. Hack Tools Download
  72. Pentest Tools For Windows
  73. Pentest Tools Tcp Port Scanner
  74. Hackrf Tools
  75. Hacking Tools Pc
  76. Bluetooth Hacking Tools Kali
  77. Hack App
  78. Hack Rom Tools
  79. Hacking Apps
  80. Pentest Tools Android
  81. Hacker Tools For Windows
  82. Best Hacking Tools 2019
  83. Hacker Tools Software
  84. Install Pentest Tools Ubuntu
  85. Hacker
  86. Pentest Tools Github
  87. Physical Pentest Tools
  88. Hacking Tools For Kali Linux
  89. Hacker Tools
  90. Hacking App
  91. Install Pentest Tools Ubuntu
  92. Hacker Tools Online
  93. Hacker Tools Software
  94. Wifi Hacker Tools For Windows
  95. Hack Tools Pc
  96. Pentest Tools Tcp Port Scanner
  97. Hacking Tools Hardware
  98. Blackhat Hacker Tools
  99. Hacker Tools Apk Download
  100. Hacker Tools For Pc
  101. Hack Tools For Pc
  102. Hacking Tools For Pc
  103. Hacking Tools For Windows 7
  104. Hack Tools Mac
  105. Kik Hack Tools
  106. Kik Hack Tools
  107. Hackrf Tools
  108. Hack Website Online Tool
  109. Hack Tools For Ubuntu
  110. Hack Tools For Games
  111. Hacks And Tools
  112. Pentest Recon Tools
  113. Computer Hacker
  114. Hacking Tools 2019
  115. Computer Hacker
  116. Hacker Tools Github
  117. Pentest Tools
  118. Hacker Tools For Ios
  119. Pentest Tools Apk
  120. Pentest Tools Website
  121. Hacker Tools Github
  122. Hacker Techniques Tools And Incident Handling
  123. Hack Website Online Tool
  124. How To Make Hacking Tools
  125. Hacking Tools For Pc
  126. Hack Tool Apk
  127. How To Hack
  128. Pentest Tools Review
  129. Hack App
  130. Pentest Tools Find Subdomains
  131. Hacking Tools 2019
  132. Hacker Tools For Pc
  133. Hacking Tools For Windows Free Download
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)