SLAE #6: Polymorphic Shellcode for Linux/x86

On By DanielIn SLAE1 Comment

Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-6 directory. What is Polymorphic Shellcode? Quoting the Wikipedia article about Polymorphic Code directly: In …

Continue reading SLAE #6: Polymorphic Shellcode for Linux/x86

SLAE #5: Reverse Engineering Shellcode for Linux/x86

On By DanielIn SLAE1 Comment

Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-5 directory. Assignment Outline This particular assignment is to dissect three shellcodes from msfpayload using …

Continue reading SLAE #5: Reverse Engineering Shellcode for Linux/x86

SLAE #4: Encoding Shellcode for Linux/x86

On By DanielIn SLAE1 Comment

Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-4 directory. What is an Encoder? An encoder takes a set of data and transforms …

Continue reading SLAE #4: Encoding Shellcode for Linux/x86

SLAE #3: Egg Hunters for Linux/x86

On By DanielIn SLAE1 Comment

Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-3 directory. What is an Egg Hunter? Egg hunter shellcodes are one example of a …

Continue reading SLAE #3: Egg Hunters for Linux/x86

SLAE #2: Reverse Shell For Linux/x86

On By DanielIn SLAE1 Comment

Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 To get the code provided in this exercise: % git clone https://github.com/droberson/SLAE.git The code will be within the Assignment-2 directory. The previous post outlined how the basics of writing shellcode and the prerequisite …

Continue reading SLAE #2: Reverse Shell For Linux/x86

SLAE #1: Bindshell Shellcode for Linux/x86

On By DanielIn SLAE1 Comment

Introduction This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Student ID: SLAE-877 This course is an introduction to writing shellcode for Linux systems running on 32 bit x86 architecture. It consists of seven assignments: Writing a TCP bind shell shellcode Writing a reverse (connectback) shellcode A …

Continue reading SLAE #1: Bindshell Shellcode for Linux/x86

Windows base64 Encoding and Decoding Using certutil

On By DanielIn UncategorizedLeave a comment

I ran into a scenario where I was able to upload ASCII files, but executable files were being saved improperly. A common workaround for this is to use base64 to encode the executable, transfer the encoded data, then decode it on the recipient machine. The version of Windows I was using did not have base64 …

Continue reading Windows base64 Encoding and Decoding Using certutil