Tuesday, January 23, 2024

Emulating Shellcodes - Chapter 1

There are many basic shellcodes that can be emulated from beginning to end, providing IOCs such as where they connect and so on. But what can we do when the emulation gets stuck at some point?

The console has many tools to interact with the emulator as if it were a debugger, but the shellcode is not really being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problems, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace the memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows using registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that at position 174 the value 0xffffffff is set.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero into 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is a kind of counter or what it is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is getting hardcoded values, which are probably an API name:
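
One way to triage a register trace like this, as an added example that is not part of scemu or the original post: the script takes successive eax values copied by hand from the trace and decides whether they behave like a counter or decode as little-endian ASCII chunks of a name. The function names and both sample lists are constructed for illustration and are not taken from this shellcode.

```python
import struct

MASK = 0xFFFFFFFF

def is_counter(values):
    """True when every consecutive step is +1, or every step is -1 (mod 2**32)."""
    steps = {(b - a) & MASK for a, b in zip(values, values[1:])}
    return len(steps) == 1 and steps <= {1, MASK}

def dword_to_text(value):
    """Little-endian bytes of a dword as ASCII, or None if not printable."""
    raw = struct.pack("<I", value & MASK).rstrip(b"\x00")  # drop NUL padding
    if not raw or any(not 0x20 <= b < 0x7F for b in raw):
        return None
    return raw.decode("ascii")

def classify(values, pushed=False):
    """Return ("counter", None), ("text", string) or ("unknown", None).

    pushed=True: the values were pushed on the stack, so the last one seen
    is the start of the string and the order has to be reversed.
    """
    if is_counter(values):
        return ("counter", None)
    chunks = [dword_to_text(v) for v in values]
    if chunks and all(c is not None for c in chunks):
        ordered = reversed(chunks) if pushed else chunks
        return ("text", "".join(ordered))
    return ("unknown", None)

# Constructed sample: "GetProcAddress" split into dwords. Not from this shellcode.
SAMPLE_TEXT = [0x50746547, 0x41636F72, 0x65726464, 0x00007373]
# Constructed sample: a value decremented from 0, as the "dec" above does.
SAMPLE_COUNTER = [0x00000000, 0xFFFFFFFF, 0xFFFFFFFE]

if __name__ == "__main__":
    print(classify(SAMPLE_TEXT))
    print(classify(SAMPLE_COUNTER))
```
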


In this case the shellcode depends on previous states and also crashes in the debugger because of the register values. This is just an example of how to operate in cases where the shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

