Tags » Shellcode

Analysis of Metasploit Shellcode linux/x64/shell_find_port

I decided the last shellcode to be analyzed should be linux/x64/shell_find_port. Actually, I was really interested in how this one works. The initial steps were exactly the same as for the previous analysis.

Analysis of Metasploit Shellcode linux/x64/shell_bind_tcp_random_port

I’m getting lazy so I will skip the basic intro and start from the point where actually I had to deal with the code of shell_bind_tcp_random_port.

Analysis of Metasploit Shellcode linux/x64/exec

I had the freedom to choose any of the linux x64 shellcodes for analysis as part of the SLAE64 exam. Thought I will start with an easy one; this is how I ended up looking at linux/x64/exec.

A Single Syscall?

Still SLAE64. We got extra points for any additional shellcodes so I have decided to create an obfuscated, self-modifying version of my bind shellcode. The code can be seen below without much explanation.

Encrypt / Decrypt

As I’m getting tired of this copy paste to migrate content from my old site to WordPress, I was considering not to share the results of the SLAE64 challenge where I had to encrypt (DES) my password-protected bind shellcode, then I had to create code to decrypt it and get it executed.

Polymorph - Final Round

This time my victim was the extremely long shellcode at http://shell-storm.org/shellcode/files/shellcode-658.php. Yet again, I started with optimizing the original code to make it as short as I can.

Polymorph - the 2nd

The second victim of my in-brain polymorphic engine was the shellcode at http://shell-storm.org/shellcode/files/shellcode-867.php. I have optimized the original code a bit so I ended up having space for a decoder routine to decode the XOR encoded file names.