Jan 28, 2024

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, yielding IOCs such as where they connect. But what can we do when the emulation gets stuck at some point?

The console has many tools for interacting with the emulator as if it were a debugger, but the shellcode is not really being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problems, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that the value 0xffffffff is set at position 174.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero to 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.
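
The distinction drawn above, between the instruction that produces 0xffffffff and the instruction that writes it to the watched stack slot, shown as an added example (not scemu code and not from the original post): a toy tracer with a write watchpoint. The three-instruction set, the 1-based positions and the sample program are constructed for illustration.

```rust
// Toy tracer (constructed example, unrelated to scemu internals).
#[derive(Clone, Copy)]
enum Ins {
    MovEax(u32),   // mov eax, imm32
    DecEax,        // dec eax
    StoreEax(u32), // mov dword ptr [esp + off], eax
}

/// One hit of the write watchpoint: instruction position, old and new value.
#[derive(Debug, PartialEq)]
struct Hit { pos: usize, old: u32, new: u32 }

/// Runs `code` with a write watchpoint on dword ptr [esp + watch_off].
/// Returns the watchpoint hits and the positions where `dec` wrapped 0 to 0xffffffff.
fn trace(code: &[Ins], watch_off: u32) -> (Vec<Hit>, Vec<usize>) {
    let (mut eax, mut watched) = (0u32, 0u32);
    let (mut hits, mut wraps) = (Vec::new(), Vec::new());
    for (i, ins) in code.iter().enumerate() {
        let pos = i + 1; // 1-based positions: an assumption of this example
        match *ins {
            Ins::MovEax(v) => eax = v,
            Ins::DecEax => {
                if eax == 0 { wraps.push(pos); } // 0 - 1 wraps to 0xffffffff
                eax = eax.wrapping_sub(1);
            }
            Ins::StoreEax(off) if off == watch_off => {
                hits.push(Hit { pos, old: watched, new: eax });
                watched = eax;
            }
            Ins::StoreEax(_) => {} // write to another slot: not watched
        }
    }
    (hits, wraps)
}

/// Constructed sample program: the slot is zeroed, eax is decremented, then stored.
fn sample() -> Vec<Ins> {
    vec![Ins::MovEax(0), Ins::StoreEax(0x30), Ins::StoreEax(0x10),
         Ins::DecEax, Ins::StoreEax(0x30)]
}

fn main() {
    let (hits, wraps) = trace(&sample(), 0x30);
    for h in &hits { println!("pos {}: {:#x} -> {:#x}", h.pos, h.old, h.new); }
    println!("dec wrapped at positions {:?}", wraps);
}
```

The watchpoint reports the store, while the wrap list points at the earlier `dec`; finding the root cause means following the stored register back from the write.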


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is getting hardcoded values, which are probably an API name:


In this case the shellcode depends on previous state and also crashes in the debugger because of the register values. This is just an example of how to operate in cases where the shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

