Tags » Shellcode

Shellcode: The hunt for GetProcAddress

Introduction

Recently revealed by Alex Ionescu, future releases of Windows will include Enhanced Mitigation Experience Toolkit (EMET) built into the kernel.

As more mitigation features appear in MSVC and the Windows operating system, the difficulty of locating API to exploit memory corruption vulnerabilities increases.

Programming

Shellcode: x86 optimizations part 1

Introduction

What follows are a number of basic ways to compact shellcodes. In a follow up post, I’ll discuss a few ways to obfuscate them which might be useful for evading signature detection algorithms.

Programming

AppLocker Bypass - Assembly Load

In an environment where AppLocker is enabled, it is possible to run an executable because of the way that assemblies are loaded in .NET applications. This bypass method was discovered by…

Defense Evasion

AppLocker Bypass - MSBuild

Microsoft has released a lot of binaries within the .NET framework that have the ability to compile and execute code. Originally MSBuild was introduced in order to enable developers to build products in environments where Visual Studio is not installed.

Defense Evasion

DoublePulsar exploit: victim devices are widespread

Last month the hacking group known as the Shadow Brokers made available a set of exploits (this appears to be their last remaining set). These exploits allegedly came from the NSA.

Security Advice

SLAE #7: Shellcode Crypter for Linux/x86

Introduction

This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:

Student ID: SLAE-877

To get the code provided in this exercise:

Linux

SLAE #6: Polymorphic Shellcode for Linux/x86

Introduction

This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:

Student ID: SLAE-877

To get the code provided in this exercise:

Linux