Thursday, May 25, 2023

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, providing IOCs such as where they connect to. But what can we do when the emulation gets stuck at some point?

The console has many tools to interact with the emulator as if it were a debugger, but the shellcode is not really being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problems, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that the value 0xffffffff is set at position 174.

But we have more control if we start the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero to 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.
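The reasoning above (a store that changes the watched stack slot, and an earlier "dec" that produced the 0xffffffff) can be modelled with a toy tracer. This is an added example, not scemu code or output; the three-operation instruction set, the program, the addresses and the run_with_watch name are all constructed for illustration.

```python
MASK = 0xFFFFFFFF  # registers and memory cells are 32-bit

# Constructed sample program for a toy instruction set (not real shellcode).
PROGRAM = [
    ("mov", "esp", 0x0022F000),  # 1: set up a stack pointer
    ("mov", "eax", 0x41414141),  # 2: hardcoded value, not a counter
    ("mov", "ecx", 0),           # 3: ecx starts at zero
    ("store", 0x10, "eax"),      # 4: write to an unrelated stack slot
    ("dec", "ecx", None),        # 5: 0 - 1 wraps around to 0xffffffff
    ("store", 0x30, "ecx"),      # 6: the watched slot receives that value
    ("mov", "eax", 0x42424242),  # 7: another hardcoded value
]

def run_with_watch(program, base="esp", offset=0x30):
    """Emulate `program` and report every change of dword [base + offset].

    Each hit records the position of the writing instruction and, for a
    store, the position of the instruction that last set the source register.
    """
    regs = {"eax": 0, "ecx": 0, "esp": 0}
    mem = {}           # sparse memory: address -> dword, unset cells read 0
    last_writer = {}   # register -> position that last modified it
    hits, last = [], 0
    for pos, (op, a, b) in enumerate(program, start=1):
        origin = None
        if op == "mov":                      # mov reg, imm32
            regs[a] = b & MASK
            last_writer[a] = pos
        elif op == "dec":                    # dec reg, with 32-bit wraparound
            regs[a] = (regs[a] - 1) & MASK
            last_writer[a] = pos
        elif op == "store":                  # mov dword ptr [esp + a], reg b
            mem[(regs["esp"] + a) & MASK] = regs[b]
            origin = last_writer.get(b)
        else:
            raise ValueError(f"unknown op {op!r} at position {pos}")
        # Re-evaluate the watch expression after every instruction.
        value = mem.get((regs[base] + offset) & MASK, 0)
        if value != last:
            hits.append({"pos": pos, "op": op, "value": value, "origin": origin})
            last = value
    return hits

if __name__ == "__main__":
    for hit in run_with_watch(PROGRAM):
        print(f"pos {hit['pos']}: {hit['op']} set [esp + 0x30] = "
              f"{hit['value']:#010x}, value produced at pos {hit['origin']}")
```
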


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is getting hardcoded values, which are probably an API name:


In this case the shellcode depends on previous state and also crashes in the debugger because of register values. This is just an example of how to operate in cases where a shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

