Windows Shellcode – Download and Execute Payload Using MSIEXEC

Hello and welcome! Today I will be sharing a shellcode that came to my mind when I was preparing for my OSCE exam, so this inspired me to write and share my knowledge on how I developed a shellcode for Windows to download and execute a remote payload using Windows Installer (msiexec.exe). The objective for this shellcode …

0x7: Custom_crypter – Linux/x86

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification Student ID: SLAE-1233 Assignment: 7 Github repo: https://github.com/kartikdurg In this post we will aim to create a custom shellcode crypter. This crypter program will encrypt our shellcode and then execute it after successful decryption at runtime, in order to bypass anti-virus and …

0x6: Polymorphic_Shellcode_Example – Linux/x86

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification Student ID: SLAE-1233 Assignment: 6 Github repo: https://github.com/kartikdurg The objective of this assignment is to take up 3+ shellcode from Shell-Storm or Exploit-DB and create a polymorphic version of the same to beat pattern matching. Creating a polymorphic version means modifying the code …

0x5: Dissecting_Metasploit_Shellcode – Linux/x86

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification Student ID: SLAE-1233 Assignment: 5 Github repo: https://github.com/kartikdurg In this post we will be dissecting and analyzing the Metasploit shellcodes using Ndisasm and Libemu. Libemu: https://github.com/buffer/libemu Packages like dh-autoreconf and graphviz are also needed in order to install and use libemu. Now, let's …

0x4: ROT13_XOR_Encoder_MMX_Decoder_Shellcode – Linux/x86

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification Student ID: SLAE-1233 Assignment: 4 Github repo: https://github.com/kartikdurg In this post I will be using one of my custom encoding schema "ROT13-XOR-Encoder" to encode execve-stack shellcode and also a decoder stub for the same using MMX instruction for shellcode execution. References: Intel …

0x3: Shellcode_Egg_Hunter – Linux/x86

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification Student ID: SLAE-1233 Assignment: 3 Github repo: https://github.com/kartikdurg What is an Egg-Hunter? The "Egg-Hunter" is a technique used to search for a unique "tag" that was prefixed with the large shellcode and start the execution of shellcode once found. Why do we need Egg-Hunter? …

0x2: Shell_Reverse_TCP_IPV6 – Linux/x86

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification Student ID: SLAE-1233 Assignment: 2 Github repo: https://github.com/kartikdurg The objective of this assignment is to create a Shell_Reverse_TCP in Linux/x86 Assembly for which IP and port number should be easily configurable. Let's jump into our connect-back shellcode for IPv6 socket in …